Mandriva Linux Security Advisory : tomcat6 (MDVSA-2014:042)

This script is Copyright (C) 2014-2016 Tenable Network Security, Inc.

Synopsis :

The remote Mandriva Linux host is missing one or more security

Description :

Updated tomcat6 packages fix security vulnerabilities :

It was discovered that Tomcat incorrectly handled certain requests
submitted using chunked transfer encoding. A remote attacker could use
this flaw to cause the Tomcat server to stop responding, resulting in
a denial of service (CVE-2012-3544).

A frame injection in the Javadoc component in Oracle Java SE 7 Update
21 and earlier, 6 Update 45 and earlier, and 5.0 Update 45 and
earlier; JavaFX 2.2.21 and earlier; and OpenJDK 7 allows remote
attackers to affect integrity via unknown vectors related to Javadoc

A flaw was found in the way the tomcat6 init script handled the
tomcat6-initd.log log file. A malicious web application deployed on
Tomcat could use this flaw to perform a symbolic link attack to change
the ownership of an arbitrary system file to that of the tomcat user,
allowing them to escalate their privileges to root (CVE-2013-1976).

It was discovered that Tomcat incorrectly handled certain
authentication requests. A remote attacker could possibly use this
flaw to inject a request that would get executed with a victim's
credentials (CVE-2013-2067).

Note: With this update, tomcat6-initd.log has been moved from
/var/log/tomcat6/ to the /var/log/ directory.

See also :

Solution :

Update the affected packages.

Risk factor :

Medium / CVSS Base Score : 6.9
CVSS Temporal Score : 5.4
Public Exploit Available : true

Family: Mandriva Local Security Checks

Nessus Plugin ID: 72595 ()

Bugtraq ID: 59797

CVE ID: CVE-2012-3544

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now