This script is Copyright (C) 2014 Tenable Network Security, Inc.
The remote Amazon Linux AMI host is missing a security update.
MultipartStream.java in Apache Commons FileUpload before 1.3.1, as
used in Apache Tomcat, JBoss Web, and other products, allows remote
attackers to cause a denial of service (infinite loop and CPU
consumption) via a crafted Content-Type header that bypasses a loop's
intended exit conditions.
See also :
Run 'yum update tomcat7' to update your system.
Risk factor :
Medium / CVSS Base Score : 5.0
Public Exploit Available : true
Family: Amazon Linux Local Security Checks
Nessus Plugin ID: 73231 ()
CVE ID: CVE-2014-0050