This script is Copyright (C) 2014 Tenable Network Security, Inc.
The remote Amazon Linux AMI host is missing a security update.
A flaw was found in Apache Commons FileUpload. Specially-crafted input
could trigger a denial of service if the buffer used by the
MultipartStream was not big enough.
Tomcat 7 includes an embedded copy of Apache Commons FileUpload, so it
was possible to craft a malformed Content-Type header for a multipart
request which would cause Tomcat to enter an infinite loop.
See also :
Run 'yum update tomcat7' to update your system.
Risk factor :
Medium / CVSS Base Score : 5.0
Public Exploit Available : true
Family: Amazon Linux Local Security Checks
Nessus Plugin ID: 73231 ()
CVE ID: CVE-2014-0050