Fedora 16 : tomcat-7.0.33-1.fc16 (2012-20151)

This script is Copyright (C) 2012-2016 Tenable Network Security, Inc.


Synopsis :

The remote Fedora host is missing a security update.

Description :

- Updated to 7.0.33

- Resolves: rhbz 873620 need chkconfig for
update-alternatives

- Resolves: rhbz 883676,883691,883704,873707 fix several
security issues

- Resolves: rhbz 883806 refix logdir ownership

- Resolves: rhbz 820119 Remove bundled
apache-commons-dbcp

Note that Tenable Network Security has extracted the preceding
description block directly from the Fedora security advisory. Tenable
has attempted to automatically clean and format it as much as possible
without introducing additional issues.

See also :

https://bugzilla.redhat.com/show_bug.cgi?id=873664
https://bugzilla.redhat.com/show_bug.cgi?id=873695
https://bugzilla.redhat.com/show_bug.cgi?id=883634
https://bugzilla.redhat.com/show_bug.cgi?id=883636
https://bugzilla.redhat.com/show_bug.cgi?id=883637
http://www.nessus.org/u?0bbf6a2f

Solution :

Update the affected tomcat package.

Risk factor :

Medium / CVSS Base Score : 5.0
(CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P)
CVSS Temporal Score : 3.9
(CVSS2#E:POC/RL:OF/RC:C)
Public Exploit Available : true

Family: Fedora Local Security Checks

Nessus Plugin ID: 63309 ()

Bugtraq ID: 56402
56403
56812
56813
56814

CVE ID: CVE-2012-2733
CVE-2012-3546
CVE-2012-4431
CVE-2012-4534
CVE-2012-5885
CVE-2012-5886
CVE-2012-5887

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now