Search 219043 CVE descriptions
and 99761 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:
Category:Red Hat Local Security Checks
Title:RedHat Update for tomcat6 RHSA-2015:0991-01
Summary:The remote host is missing an update for the 'tomcat6'; package(s) announced via the referenced advisory.
The remote host is missing an update for the 'tomcat6'
package(s) announced via the referenced advisory.

Vulnerability Insight:
Apache Tomcat is a servlet container for the Java Servlet and JavaServer
Pages (JSP) technologies.

It was discovered that the ChunkedInputFilter in Tomcat did not fail
subsequent attempts to read input after malformed chunked encoding was
detected. A remote attacker could possibly use this flaw to make Tomcat
process part of the request body as new request, or cause a denial of
service. (CVE-2014-0227)

This update also fixes the following bug:

* Before this update, the tomcat6 init script did not try to kill the
tomcat process if an attempt to stop it was unsuccessful, which would
prevent tomcat from restarting properly. The init script was modified to
correct this issue. (BZ#1207048)

All Tomcat 6 users are advised to upgrade to these updated packages, which
correct these issues. Tomcat must be restarted for this update to take

Affected Software/OS:
tomcat6 on Red Hat Enterprise Linux Desktop (v. 6),
Red Hat Enterprise Linux Server (v. 6),
Red Hat Enterprise Linux Workstation (v. 6)

Please Install the Updated Packages.

CVSS Score:

CVSS Vector:

Cross-Ref: Common Vulnerability Exposure (CVE) ID: CVE-2014-0227
BugTraq ID: 72717
Bugtraq: 20150209 [SECURITY] CVE-2014-0227 Apache Tomcat Request Smuggling (Google Search)
Debian Security Information: DSA-3447 (Google Search)
Debian Security Information: DSA-3530 (Google Search)
HPdes Security Advisory: HPSBUX03337
HPdes Security Advisory: HPSBUX03341
HPdes Security Advisory: SSRT102066
HPdes Security Advisory: SSRT102068
RedHat Security Advisories: RHSA-2015:0675
RedHat Security Advisories: RHSA-2015:0720
RedHat Security Advisories: RHSA-2015:0765
RedHat Security Advisories: RHSA-2015:0983
RedHat Security Advisories: RHSA-2015:0991
CopyrightCopyright (C) 2015 Greenbone Networks GmbH

This is only one of 99761 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.

© 1998-2021 E-Soft Inc. All rights reserved.