ID de Prueba:	1.3.6.1.4.1.25623.1.1.10.2014.0149
Categoría:	Mageia Linux Local Security Checks
Título:	Mageia: Security Advisory (MGASA-2014-0149)
Resumen:	The remote host is missing an update for the 'tomcat' package(s) announced via the MGASA-2014-0149 advisory.
Descripción:	Summary: The remote host is missing an update for the 'tomcat' package(s) announced via the MGASA-2014-0149 advisory. Vulnerability Insight: Apache Tomcat 7.x before 7.0.50 processes chunked transfer coding without properly handling (1) a large total amount of chunked data or (2) whitespace characters in an HTTP header value within a trailer field, which allows remote attackers to cause a denial of service by streaming data (CVE-2013-4322). Apache Tomcat 7.x before 7.0.50 allows attackers to obtain 'Tomcat internals' information by leveraging the presence of an untrusted web application with a context.xml, web.xml, *.jspx, *.tagx, or *.tld XML document containing an external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue (CVE-2013-4590). Affected Software/OS: 'tomcat' package(s) on Mageia 4. Solution: Please install the updated package(s). CVSS Score: 5.8 CVSS Vector: AV:N/AC:M/Au:N/C:P/I:P/A:N
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2013-4286 BugTraq ID: 65773 http://www.securityfocus.com/bid/65773 Bugtraq: 20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities (Google Search) http://www.securityfocus.com/archive/1/534161/100/0/threaded Debian Security Information: DSA-3530 (Google Search) http://www.debian.org/security/2016/dsa-3530 http://seclists.org/fulldisclosure/2014/Dec/23 HPdes Security Advisory: HPSBOV03503 http://marc.info/?l=bugtraq&m=144498216801440&w=2 HPdes Security Advisory: HPSBUX03150 http://marc.info/?l=bugtraq&m=141390017113542&w=2 http://www.mandriva.com/security/advisories?name=MDVSA-2015:052 https://lists.apache.org/thread.html/b8a1bf18155b552dcf9a928ba808cbadad84c236d85eab3033662cfb@%3Cdev.tomcat.apache.org%3E https://lists.apache.org/thread.html/39ae1f0bd5867c15755a6f959b271ade1aea04ccdc3b2e639dcd903b@%3Cdev.tomcat.apache.org%3E https://lists.apache.org/thread.html/37220405a377c0182d2afdbc36461c4783b2930fbeae3a17f1333113@%3Cdev.tomcat.apache.org%3E https://lists.apache.org/thread.html/b84ad1258a89de5c9c853c7f2d3ad77e5b8b2930be9e132d5cef6b95@%3Cdev.tomcat.apache.org%3E https://lists.apache.org/thread.html/r03c597a64de790ba42c167efacfa23300c3d6c9fe589ab87fe02859c@%3Cdev.tomcat.apache.org%3E https://lists.apache.org/thread.html/r587e50b86c1a96ee301f751d50294072d142fd6dc08a8987ae9f3a9b@%3Cdev.tomcat.apache.org%3E RedHat Security Advisories: RHSA-2014:0343 http://rhn.redhat.com/errata/RHSA-2014-0343.html RedHat Security Advisories: RHSA-2014:0344 http://rhn.redhat.com/errata/RHSA-2014-0344.html RedHat Security Advisories: RHSA-2014:0345 http://rhn.redhat.com/errata/RHSA-2014-0345.html RedHat Security Advisories: RHSA-2014:0686 https://rhn.redhat.com/errata/RHSA-2014-0686.html http://secunia.com/advisories/57675 http://secunia.com/advisories/59036 http://secunia.com/advisories/59675 http://secunia.com/advisories/59722 http://secunia.com/advisories/59724 http://secunia.com/advisories/59733 http://secunia.com/advisories/59873 http://www.ubuntu.com/usn/USN-2130-1 Common Vulnerability Exposure (CVE) ID: CVE-2013-4322 BugTraq ID: 65767 http://www.securityfocus.com/bid/65767 http://www.mandriva.com/security/advisories?name=MDVSA-2015:084 Common Vulnerability Exposure (CVE) ID: CVE-2013-4590 BugTraq ID: 65768 http://www.securityfocus.com/bid/65768
Copyright	Copyright (C) 2022 Greenbone AG

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.