Scientific Linux Security Update : tomcat6 on SL6.x (noarch)

This script is Copyright (C) 2017 Tenable Network Security, Inc.


Synopsis :

The remote Scientific Linux host is missing one or more security
updates.

Description :

Security Fix(es) :

- It was discovered that the code that parsed the HTTP
request line permitted invalid characters. This could be
exploited, in conjunction with a proxy that also
permitted the invalid characters but with a different
interpretation, to inject data into the HTTP response.
By manipulating the HTTP response the attacker could
poison a web-cache, perform an XSS attack, or obtain
sensitive information from requests other then their
own. (CVE-2016-6816)

Note: This fix causes Tomcat to respond with an HTTP 400 Bad Request
error when request contains characters that are not permitted by the
HTTP specification to appear not encoded, even though they were
previously accepted. The newly introduced system property
tomcat.util.http.parser.HttpParser.requestTargetAllow can be used to
configure Tomcat to accept curly braces ({ and }) and the pipe symbol
(|) in not encoded form, as these are often used in URLs without being
properly encoded.

- A bug was discovered in the error handling of the send
file code for the NIO HTTP connector. This led to the
current Processor object being added to the Processor
cache multiple times allowing information leakage
between requests including, and not limited to, session
ID and the response body. (CVE-2016-8745)

See also :

http://www.nessus.org/u?c870ec1f

Solution :

Update the affected packages.

Risk factor :

Medium / CVSS Base Score : 6.8
(CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P)

Family: Scientific Linux Local Security Checks

Nessus Plugin ID: 97770 ()

Bugtraq ID:

CVE ID: CVE-2016-6816
CVE-2016-8745

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now