| Description: | Summary:
The remote host is missing an update for the 'tomcat, tomcat6' package(s) announced via the MGASA-2014-0268 advisory.
Vulnerability Insight:
Integer overflow in the parseChunkHeader function in
java/org/apache/coyote/http11/filters/ChunkedInputFilter.java in Apache
Tomcat before 6.0.40 and 7.x before 7.0.53 allows remote attackers to cause
a denial of service (resource consumption) via a malformed chunk size in
chunked transfer coding of a request during the streaming of data
(CVE-2014-0075).
java/org/apache/catalina/servlets/DefaultServlet.java in the default servlet
in Apache Tomcat before 6.0.40 and 7.x before 7.0.53 does not properly
restrict XSLT stylesheets, which allows remote attackers to bypass
security-manager restrictions and read arbitrary files via a crafted web
application that provides an XML external entity declaration in conjunction
with an entity reference, related to an XML External Entity (XXE) issue
(CVE-2014-0096).
Integer overflow in java/org/apache/tomcat/util/buf/Ascii.java in Apache
Tomcat before 6.0.40 and 7.x before 7.0.53, when operated behind a reverse
proxy, allows remote attackers to conduct HTTP request smuggling attacks via
a crafted Content-Length HTTP header (CVE-2014-0099).
Apache Tomcat before 6.0.40 and 7.x before 7.0.54 does not properly
constrain the class loader that accesses the XML parser used with an XSLT
stylesheet, which allows remote attackers to read arbitrary files via a
crafted web application that provides an XML external entity declaration in
conjunction with an entity reference, related to an XML External Entity
(XXE) issue, or read files associated with different web applications on a
single Tomcat instance via a crafted web application (CVE-2014-0119).
Affected Software/OS:
'tomcat, tomcat6' package(s) on Mageia 3, Mageia 4.
Solution:
Please install the updated package(s).
CVSS Score:
5.0
CVSS Vector:
AV:N/AC:L/Au:N/C:N/I:N/A:P
|
