Ubuntu Security Notice (C) 2010-2014 Canonical, Inc. / NASL script (C) 2010-2014 Tenable Network Security, Inc.
The remote Ubuntu host is missing one or more security-related patches.
It was discovered that Tomcat did not correctly validate WAR filenames
or paths when deploying. A remote attacker could send a specially
crafted WAR file to be deployed and cause arbitrary files and
directories to be created, overwritten, or deleted.
Update the affected packages.
Risk factor :
Medium / CVSS Base Score : 5.8
CVSS Temporal Score : 5.0
Public Exploit Available : true