Amazon Linux AMI : tomcat7 (ALAS-2013-191)
Low Nessus Plugin ID 69749
SynopsisThe remote Amazon Linux AMI host is missing a security update.
Descriptionjava/org/apache/catalina/core/AsyncContextImpl.java in Apache Tomcat 7.x before 7.0.40 does not properly handle the throwing of a RuntimeException in an AsyncListener in an application, which allows context-dependent attackers to obtain sensitive request information intended for other applications in opportunistic circumstances via an application that records the requests that it processes.
SolutionRun 'yum update tomcat7' to update your system.