openSUSE 10 Security Update : apache2-mod_jk (apache2-mod_jk-4997)

This script is Copyright (C) 2008-2016 Tenable Network Security, Inc.

Synopsis :

The remote openSUSE host is missing a security update.

Description :

Fixed various issues in tomcat :

- CVE-2007-3382: Handling of cookies containing a '

- CVE-2007-3385: Handling of \' in cookies

- CVE-2007-5641: tomcat path traversal / information leak

- CVE-2007-1860: directory traversal

- CVE-2007-3386: tomcat XSS

- CVE-2007-5342: insufficient access restrictions

Additionally the dbcp namespace in commons-dbcp.jar was fixed.

Solution :

Update the affected apache2-mod_jk packages.

Risk factor :

Medium / CVSS Base Score : 6.8
Public Exploit Available : true

Family: SuSE Local Security Checks

Nessus Plugin ID: 31338 ()

Bugtraq ID:

CVE ID: CVE-2007-1860

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now