ID de Prueba:	1.3.6.1.4.1.25623.1.1.10.2017.0196
Categoría:	Mageia Linux Local Security Checks
Título:	Mageia: Security Advisory (MGASA-2017-0196)
Resumen:	The remote host is missing an update for the 'tomcat' package(s) announced via the MGASA-2017-0196 advisory.
Descripción:	Summary: The remote host is missing an update for the 'tomcat' package(s) announced via the MGASA-2017-0196 advisory. Vulnerability Insight: Aniket Nandkishor Kulkarni discovered that in tomcat7, static error pages used the original request's HTTP method to serve content, instead of systematically using the GET method. This could under certain conditions result in undesirable results, including the replacement or removal of the custom error page (CVE-2017-5664). Affected Software/OS: 'tomcat' package(s) on Mageia 5. Solution: Please install the updated package(s). CVSS Score: 5.0 CVSS Vector: AV:N/AC:L/Au:N/C:N/I:P/A:N
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2017-5664 BugTraq ID: 98888 http://www.securityfocus.com/bid/98888 Debian Security Information: DSA-3891 (Google Search) http://www.debian.org/security/2017/dsa-3891 Debian Security Information: DSA-3892 (Google Search) http://www.debian.org/security/2017/dsa-3892 https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html https://lists.apache.org/thread.html/eb6efa8d59c45a7a9eff94c4b925467d3b3fec8ba7697f3daa314b04@%3Cdev.tomcat.apache.org%3E https://lists.apache.org/thread.html/343558d982879bf88ec20dbf707f8c11255f8e219e81d45c4f8d0551@%3Cdev.tomcat.apache.org%3E https://lists.apache.org/thread.html/388a323769f1dff84c9ec905455aa73fbcb20338e3c7eb131457f708@%3Cdev.tomcat.apache.org%3E https://lists.apache.org/thread.html/5c0e00fd31efc11e147bf99d0f03c00a734447d3b131ab0818644cdb@%3Cdev.tomcat.apache.org%3E https://lists.apache.org/thread.html/b5e3f51d28cd5d9b1809f56594f2cf63dcd6a90429e16ea9f83bbedc@%3Cdev.tomcat.apache.org%3E https://lists.apache.org/thread.html/845312a10aabbe2c499fca94003881d2c79fc993d85f34c1f5c77424@%3Cdev.tomcat.apache.org%3E https://lists.apache.org/thread.html/88855876c33f2f9c532ffb75bfee570ccf0b17ffa77493745af9a17a@%3Cdev.tomcat.apache.org%3E https://lists.apache.org/thread.html/e85e83e9954f169bbb77b44baae5a33d8de878df557bb32b7f793661@%3Cdev.tomcat.apache.org%3E https://lists.apache.org/thread.html/3d19773b4cf0377db62d1e9328bf9160bf1819f04f988315086931d7@%3Cdev.tomcat.apache.org%3E https://lists.apache.org/thread.html/1dd0a59c1295cc08ce4c9e7edae5ad2268acc9ba55adcefa0532e5ba@%3Cdev.tomcat.apache.org%3E https://lists.apache.org/thread.html/6af47120905aa7d8fe12f42e8ff2284fb338ba141d3b77b8c7cb61b3@%3Cdev.tomcat.apache.org%3E https://lists.apache.org/thread.html/r3bbb800a816d0a51eccc5a228c58736960a9fffafa581a225834d97d@%3Cdev.tomcat.apache.org%3E https://lists.apache.org/thread.html/r9136ff5b13e4f1941360b5a309efee2c114a14855578c3a2cbe5d19c@%3Cdev.tomcat.apache.org%3E https://lists.apache.org/thread.html/r48c1444845fe15a823e1374674bfc297d5008a5453788099ea14caf0@%3Cdev.tomcat.apache.org%3E https://lists.apache.org/thread.html/a42c48e37398d76334e17089e43ccab945238b8b7896538478d76066@%3Cannounce.tomcat.apache.org%3E RedHat Security Advisories: RHSA-2017:1801 https://access.redhat.com/errata/RHSA-2017:1801 RedHat Security Advisories: RHSA-2017:1802 https://access.redhat.com/errata/RHSA-2017:1802 RedHat Security Advisories: RHSA-2017:1809 https://access.redhat.com/errata/RHSA-2017:1809 RedHat Security Advisories: RHSA-2017:2493 https://access.redhat.com/errata/RHSA-2017:2493 RedHat Security Advisories: RHSA-2017:2494 https://access.redhat.com/errata/RHSA-2017:2494 RedHat Security Advisories: RHSA-2017:2633 https://access.redhat.com/errata/RHSA-2017:2633 RedHat Security Advisories: RHSA-2017:2635 https://access.redhat.com/errata/RHSA-2017:2635 RedHat Security Advisories: RHSA-2017:2636 https://access.redhat.com/errata/RHSA-2017:2636 RedHat Security Advisories: RHSA-2017:2637 https://access.redhat.com/errata/RHSA-2017:2637 RedHat Security Advisories: RHSA-2017:2638 https://access.redhat.com/errata/RHSA-2017:2638 RedHat Security Advisories: RHSA-2017:3080 https://access.redhat.com/errata/RHSA-2017:3080 http://www.securitytracker.com/id/1038641
Copyright	Copyright (C) 2022 Greenbone AG

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.