Search 219043 CVE descriptions
and 99761 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:
Category:Red Hat Local Security Checks
Title:RedHat Update for tomcat RHSA-2017:1809-01
Summary:The remote host is missing an update for the 'tomcat'; package(s) announced via the referenced advisory.
The remote host is missing an update for the 'tomcat'
package(s) announced via the referenced advisory.

Vulnerability Insight:
Apache Tomcat is a servlet container for the
Java Servlet and JavaServer Pages (JSP) technologies.

Security Fix(es):

* A vulnerability was discovered in the error page mechanism in Tomcat's
DefaultServlet implementation. A crafted HTTP request could cause undesired
side effects, possibly including the removal or replacement of the custom
error page. (CVE-2017-5664)

* A vulnerability was discovered in Tomcat. When running an untrusted
application under a SecurityManager it was possible, under some
circumstances, for that application to retain references to the request or
response objects and thereby access and/or modify information associated
with another web application. (CVE-2017-5648)

Affected Software/OS:
tomcat on Red Hat Enterprise Linux Server (v. 7)

Please Install the Updated Packages.

CVSS Score:

CVSS Vector:

Cross-Ref: Common Vulnerability Exposure (CVE) ID: CVE-2017-5648
BugTraq ID: 97530
Debian Security Information: DSA-3842 (Google Search)
Debian Security Information: DSA-3843 (Google Search)
RedHat Security Advisories: RHSA-2017:1801
RedHat Security Advisories: RHSA-2017:1802
RedHat Security Advisories: RHSA-2017:1809
Common Vulnerability Exposure (CVE) ID: CVE-2017-5664
BugTraq ID: 98888
Debian Security Information: DSA-3891 (Google Search)
Debian Security Information: DSA-3892 (Google Search)
RedHat Security Advisories: RHSA-2017:2493
RedHat Security Advisories: RHSA-2017:2494
RedHat Security Advisories: RHSA-2017:2633
RedHat Security Advisories: RHSA-2017:2635
RedHat Security Advisories: RHSA-2017:2636
RedHat Security Advisories: RHSA-2017:2637
RedHat Security Advisories: RHSA-2017:2638
RedHat Security Advisories: RHSA-2017:3080
CopyrightCopyright (C) 2017 Greenbone Networks GmbH

This is only one of 99761 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.

© 1998-2021 E-Soft Inc. All rights reserved.