ID de Prueba:	1.3.6.1.4.1.25623.1.0.871670
Categoría:	Red Hat Local Security Checks
Título:	RedHat Update for tomcat RHSA-2016:2046-01
Resumen:	The remote host is missing an update for the 'tomcat'; package(s) announced via the referenced advisory.
Descripción:	Summary: The remote host is missing an update for the 'tomcat' package(s) announced via the referenced advisory. Vulnerability Insight: Apache Tomcat is a servlet container for the Java Servlet and JavaServer Pages (JSP) technologies. Security Fix(es): * It was discovered that the Tomcat packages installed configuration file /usr/lib/tmpfiles.d/tomcat.conf writeable to the tomcat group. A member of the group or a malicious web application deployed on Tomcat could use this flaw to escalate their privileges. (CVE-2016-5425) * It was discovered that the Tomcat packages installed certain configuration files read by the Tomcat initialization script as writeable to the tomcat group. A member of the group or a malicious web application deployed on Tomcat could use this flaw to escalate their privileges. (CVE-2016-6325) * It was found that the expression language resolver evaluated expressions within a privileged code section. A malicious web application could use this flaw to bypass security manager protections. (CVE-2014-7810) * It was discovered that tomcat used the value of the Proxy header from HTTP requests to initialize the HTTP_PROXY environment variable for CGI scripts, which in turn was incorrectly used by certain HTTP client implementations to configure the proxy for outgoing HTTP requests. A remote attacker could possibly use this flaw to redirect HTTP requests performed by a CGI script to an attacker-controlled proxy via a malicious HTTP request. (CVE-2016-5388) * A session fixation flaw was found in the way Tomcat recycled the requestedSessionSSL field. If at least one web application was configured to use the SSL session ID as the HTTP session ID, an attacker could reuse a previously used session ID for further requests. (CVE-2015-5346) Red Hat would like to thank Dawid Golunski for reporting CVE-2016-5425 and Scott Geary (VendHQ) for reporting CVE-2016-5388. The CVE-2016-6325 issue was discovered by Red Hat Product Security. Affected Software/OS: tomcat on Red Hat Enterprise Linux Server (v. 7) Solution: Please Install the Updated Packages. CVSS Score: 7.2 CVSS Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2014-7810 BugTraq ID: 74665 http://www.securityfocus.com/bid/74665 Debian Security Information: DSA-3428 (Google Search) http://www.debian.org/security/2015/dsa-3428 Debian Security Information: DSA-3447 (Google Search) http://www.debian.org/security/2016/dsa-3447 Debian Security Information: DSA-3530 (Google Search) http://www.debian.org/security/2016/dsa-3530 HPdes Security Advisory: HPSBUX03561 http://marc.info/?l=bugtraq&m=145974991225029&w=2 https://lists.apache.org/thread.html/b8a1bf18155b552dcf9a928ba808cbadad84c236d85eab3033662cfb@%3Cdev.tomcat.apache.org%3E https://lists.apache.org/thread.html/39ae1f0bd5867c15755a6f959b271ade1aea04ccdc3b2e639dcd903b@%3Cdev.tomcat.apache.org%3E https://lists.apache.org/thread.html/37220405a377c0182d2afdbc36461c4783b2930fbeae3a17f1333113@%3Cdev.tomcat.apache.org%3E https://lists.apache.org/thread.html/b84ad1258a89de5c9c853c7f2d3ad77e5b8b2930be9e132d5cef6b95@%3Cdev.tomcat.apache.org%3E https://lists.apache.org/thread.html/r03c597a64de790ba42c167efacfa23300c3d6c9fe589ab87fe02859c@%3Cdev.tomcat.apache.org%3E https://lists.apache.org/thread.html/r587e50b86c1a96ee301f751d50294072d142fd6dc08a8987ae9f3a9b@%3Cdev.tomcat.apache.org%3E https://lists.apache.org/thread.html/r9136ff5b13e4f1941360b5a309efee2c114a14855578c3a2cbe5d19c@%3Cdev.tomcat.apache.org%3E RedHat Security Advisories: RHSA-2015:1621 http://rhn.redhat.com/errata/RHSA-2015-1621.html RedHat Security Advisories: RHSA-2015:1622 http://rhn.redhat.com/errata/RHSA-2015-1622.html RedHat Security Advisories: RHSA-2016:0492 http://rhn.redhat.com/errata/RHSA-2016-0492.html RedHat Security Advisories: RHSA-2016:2046 http://rhn.redhat.com/errata/RHSA-2016-2046.html http://www.securitytracker.com/id/1032330 http://www.ubuntu.com/usn/USN-2654-1 http://www.ubuntu.com/usn/USN-2655-1 Common Vulnerability Exposure (CVE) ID: CVE-2015-5346 BugTraq ID: 83323 http://www.securityfocus.com/bid/83323 Bugtraq: 20160222 [SECURITY] CVE-2015-5346 Apache Tomcat Session fixation (Google Search) http://seclists.org/bugtraq/2016/Feb/143 Debian Security Information: DSA-3552 (Google Search) http://www.debian.org/security/2016/dsa-3552 Debian Security Information: DSA-3609 (Google Search) http://www.debian.org/security/2016/dsa-3609 https://security.gentoo.org/glsa/201705-09 http://packetstormsecurity.com/files/135890/Apache-Tomcat-Session-Fixation.html RedHat Security Advisories: RHSA-2016:1087 https://access.redhat.com/errata/RHSA-2016:1087 RedHat Security Advisories: RHSA-2016:1088 https://access.redhat.com/errata/RHSA-2016:1088 RedHat Security Advisories: RHSA-2016:1089 http://rhn.redhat.com/errata/RHSA-2016-1089.html RedHat Security Advisories: RHSA-2016:2807 http://rhn.redhat.com/errata/RHSA-2016-2807.html RedHat Security Advisories: RHSA-2016:2808 http://rhn.redhat.com/errata/RHSA-2016-2808.html http://www.securitytracker.com/id/1035069 SuSE Security Announcement: SUSE-SU-2016:0769 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00047.html SuSE Security Announcement: SUSE-SU-2016:0822 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00069.html SuSE Security Announcement: openSUSE-SU-2016:0865 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00085.html http://www.ubuntu.com/usn/USN-3024-1 Common Vulnerability Exposure (CVE) ID: CVE-2016-5388 1036331 http://www.securitytracker.com/id/1036331 91818 http://www.securityfocus.com/bid/91818 RHSA-2016:1624 http://rhn.redhat.com/errata/RHSA-2016-1624.html RHSA-2016:1635 https://access.redhat.com/errata/RHSA-2016:1635 RHSA-2016:1636 https://access.redhat.com/errata/RHSA-2016:1636 RHSA-2016:2045 http://rhn.redhat.com/errata/RHSA-2016-2045.html RHSA-2016:2046 VU#797896 http://www.kb.cert.org/vuls/id/797896 [activemq-issues] 20190820 [jira] [Created] (AMQ-7279) Security Vulnerabilities in Libraries - jackson-databind-2.9.8.jar, tomcat-servlet-api-8.0.53.jar, tomcat-websocket-api-8.0.53.jar, zookeeper-3.4.6.jar, guava-18.0.jar, jetty-all-9.2.26.v20180806.jar, scala-library-2.11.0.jar https://lists.apache.org/thread.html/053d9ce4d579b02203db18545fee5e33f35f2932885459b74d1e4272%40%3Cissues.activemq.apache.org%3E [activemq-issues] 20190826 [jira] [Created] (AMQ-7288) Security Vulnerabilities in ActiveMQ dependent libraries. https://lists.apache.org/thread.html/6d3d34adcf3dfc48e36342aa1f18ce3c20bb8e4c458a97508d5bfed1%40%3Cissues.activemq.apache.org%3E [activemq-issues] 20190925 [jira] [Created] (AMQ-7310) Security Vulnerabilities in Tomcat-websocket-api.jar https://lists.apache.org/thread.html/6b414817c2b0bf351138911c8c922ec5dd577ebc0b9a7f42d705752d%40%3Cissues.activemq.apache.org%3E [debian-lts-announce] 20190813 [SECURITY] [DLA 1883-1] tomcat8 security update https://lists.debian.org/debian-lts-announce/2019/08/msg00015.html [tomcat-users] 20200813 CVE reporting discrepencies https://lists.apache.org/thread.html/rc6b2147532416cc736e68a32678d3947b7053c3085cf43a9874fd102%40%3Cusers.tomcat.apache.org%3E [tomcat-users] 20200813 Re: CVE reporting discrepencies https://lists.apache.org/thread.html/r2853582063cfd9e7fbae1e029ae004e6a83482ae9b70a698996353dd%40%3Cusers.tomcat.apache.org%3E [tomcat-users] 20200814 Re: CVE reporting discrepencies https://lists.apache.org/thread.html/rf21b368769ae70de4dee840a3228721ae442f1d51ad8742003aefe39%40%3Cusers.tomcat.apache.org%3E http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2016-3090545.html https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03770en_us https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05320149 https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05324759 https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05390722 https://httpoxy.org/ https://tomcat.apache.org/tomcat-7.0-doc/changelog.html https://www.apache.org/security/asf-httpoxy-response.txt openSUSE-SU-2016:2252 http://lists.opensuse.org/opensuse-updates/2016-09/msg00025.html Common Vulnerability Exposure (CVE) ID: CVE-2016-5425 1036979 http://www.securitytracker.com/id/1036979 40488 https://www.exploit-db.com/exploits/40488/ 93472 http://www.securityfocus.com/bid/93472 [oss-security] 20161010 CVE-2016-5425 - Apache Tomcat packaging on RedHat-based distros - Root Privilege Escalation (affecting CentOS, Fedora, OracleLinux, RedHat etc.) http://www.openwall.com/lists/oss-security/2016/10/10/2 http://legalhackers.com/advisories/Tomcat-RedHat-Pkgs-Root-PrivEsc-Exploit-CVE-2016-5425.html http://packetstormsecurity.com/files/139041/Apache-Tomcat-8-7-6-Privilege-Escalation.html https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html Common Vulnerability Exposure (CVE) ID: CVE-2016-6325 93478 http://www.securityfocus.com/bid/93478 RHSA-2017:0455 https://access.redhat.com/errata/RHSA-2017:0455 RHSA-2017:0456 https://access.redhat.com/errata/RHSA-2017:0456 RHSA-2017:0457 http://rhn.redhat.com/errata/RHSA-2017-0457.html https://bugzilla.redhat.com/show_bug.cgi?id=1367447
Copyright	Copyright (C) 2016 Greenbone Networks GmbH

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.