This script is Copyright (C) 2008-2016 Tenable Network Security, Inc.
The remote openSUSE host is missing a security update.
Fixed various issues in tomcat :
- CVE-2007-3382: Handling of cookies containing a '
- CVE-2007-3385: Handling of \' in cookies
- CVE-2007-5641: tomcat path traversal / information leak
- CVE-2007-1860: directory traversal
- CVE-2007-3386: tomcat XSS
- CVE-2007-5342: insufficient access restrictions
Additionally the dbcp namespace in commons-dbcp.jar was fixed.
Update the affected apache2-mod_jk packages.
Risk factor :
Medium / CVSS Base Score : 6.8
Public Exploit Available : true
Family: SuSE Local Security Checks
Nessus Plugin ID: 31338 ()
Get Nessus Professional to scan unlimited IPs, run compliance checks & moreBuy Nessus Professional Now