SuSE 11.2 Security Update : tomcat6 (SAT Patch Number 7208)

This script is Copyright (C) 2013-2016 Tenable Network Security, Inc.

Synopsis :

The remote SuSE 11 host is missing one or more security updates.

Description :

This update of tomcat6 fixes the following security issues :

- denial of service. (CVE-2012-4534)

- tomcat: HTTP NIO connector OOM DoS via a request with
large headers. (CVE-2012-2733)

- tomcat: cnonce tracking weakness. (CVE-2012-5885)

- tomcat: authentication caching weakness. (CVE-2012-5886)

- tomcat: stale nonce weakness. (CVE-2012-5887)

- tomcat: affected by slowloris DoS. (CVE-2012-5568)

- tomcat: Bypass of security constraints. (CVE-2012-3546)

- tomcat: bypass of CSRF prevention filter.

See also :

Solution :

Apply SAT patch number 7208.

Risk factor :

Medium / CVSS Base Score : 5.0
Public Exploit Available : true

Family: SuSE Local Security Checks

Nessus Plugin ID: 64430 ()

Bugtraq ID:

CVE ID: CVE-2012-2733

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now