Apache Tomcat 7.0.x < 7.0.40 Multiple Vulnerabilities

This script is Copyright (C) 2013-2014 Tenable Network Security, Inc.


Synopsis :

The remote Apache Tomcat service may be affected by multiple
vulnerabilities.

Description :

According to its self-reported version number, the instance of Apache
Tomcat 7.0 listening on the remote host is earlier than Tomcat 7.0.40.
Consequently, it could be affected by multiple vulnerabilities :

- An error exists in the handling of 'AsyncListeners' that throw
'RuntimeExceptions'. It could allow elements of certain requests
to be disclosed in responses to other requests. (CVE-2013-2071)

- It is possible to upload a malicious JSP to a Tomcat
server and subsequently trigger execution of that JSP.
(CVE-2013-4444)

Note that Nessus has not tested for this issue but has instead relied
on the version in Tomcat's banner or error page.

See also :

http://www.securityfocus.com/archive/1/533399/30/0/threaded
http://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.40

Solution :

Update to Apache Tomcat version 7.0.40 or later.

Risk factor :

Low / CVSS Base Score : 2.6
(CVSS2#AV:N/AC:H/Au:N/C:P/I:N/A:N)
CVSS Temporal Score : 2.3
(CVSS2#E:ND/RL:OF/RC:C)
Public Exploit Available : false

Family: Web Servers

Nessus Plugin ID: 66428

Bugtraq ID: 59798, 69728

CVE ID: CVE-2013-2071, CVE-2013-4444