This script is Copyright (C) 2013-2014 Tenable Network Security, Inc.
The remote SuSE 10 host is missing a security-related patch.
This update of tomcat5 fixed the following security issues :
- tomcat: cnonce tracking weakness. (CVE-2012-5885)
- tomcat: stale nonce weakness. (CVE-2012-5887)
- tomcat: authentication caching weakness. (CVE-2012-5886)
- tomcat: affected by slowloris DoS. (CVE-2012-5568)
- tomcat: Bypass of security constraints. (CVE-2012-3546)
See also :
Apply ZYPP patch number 8397.
Risk factor :
Medium / CVSS Base Score : 5.0