Mandriva Linux Security Advisory : tomcat6 (MDVSA-2014:042)

Medium Nessus Plugin ID 72595

New! Vulnerability Priority Rating (VPR)

Tenable calculates a dynamic VPR for every vulnerability. VPR combines vulnerability information with threat intelligence and machine learning algorithms to predict which vulnerabilities are most likely to be exploited in attacks. Read more about what VPR is and how it's different from CVSS.

VPR Score: 6.6

Synopsis

The remote Mandriva Linux host is missing one or more security updates.

Description

Updated tomcat6 packages fix security vulnerabilities :

It was discovered that Tomcat incorrectly handled certain requests submitted using chunked transfer encoding. A remote attacker could use this flaw to cause the Tomcat server to stop responding, resulting in a denial of service (CVE-2012-3544).

A frame injection in the Javadoc component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, and 5.0 Update 45 and earlier; JavaFX 2.2.21 and earlier; and OpenJDK 7 allows remote attackers to affect integrity via unknown vectors related to Javadoc (CVE-2013-1571).

A flaw was found in the way the tomcat6 init script handled the tomcat6-initd.log log file. A malicious web application deployed on Tomcat could use this flaw to perform a symbolic link attack to change the ownership of an arbitrary system file to that of the tomcat user, allowing them to escalate their privileges to root (CVE-2013-1976).

It was discovered that Tomcat incorrectly handled certain authentication requests. A remote attacker could possibly use this flaw to inject a request that would get executed with a victim's credentials (CVE-2013-2067).

Note: With this update, tomcat6-initd.log has been moved from /var/log/tomcat6/ to the /var/log/ directory.

Solution

Update the affected packages.

See Also

http://advisories.mageia.org/MGASA-2014-0082.html

Plugin Details

Severity: Medium

ID: 72595

File Name: mandriva_MDVSA-2014-042.nasl

Version: 1.11

Type: local

Published: 2014/02/20

Updated: 2019/10/16

Dependencies: 12634

Risk Information

Risk Factor: Medium

VPR Score: 6.6

CVSS v2.0

Base Score: 6.9

Temporal Score: 6

Vector: CVSS2#AV:L/AC:M/Au:N/C:C/I:C/A:C

Temporal Vector: CVSS2#E:H/RL:OF/RC:ND

Vulnerability Information

CPE: p-cpe:/a:mandriva:linux:tomcat6, p-cpe:/a:mandriva:linux:tomcat6-admin-webapps, p-cpe:/a:mandriva:linux:tomcat6-docs-webapp, p-cpe:/a:mandriva:linux:tomcat6-el-2.1-api, p-cpe:/a:mandriva:linux:tomcat6-javadoc, p-cpe:/a:mandriva:linux:tomcat6-jsp-2.1-api, p-cpe:/a:mandriva:linux:tomcat6-lib, p-cpe:/a:mandriva:linux:tomcat6-servlet-2.5-api, p-cpe:/a:mandriva:linux:tomcat6-systemv, p-cpe:/a:mandriva:linux:tomcat6-webapps, cpe:/o:mandriva:business_server:1

Required KB Items: Host/local_checks_enabled, Host/cpu, Host/Mandrake/release, Host/Mandrake/rpm-list

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 2014/02/19

Reference Information

CVE: CVE-2012-3544, CVE-2013-1571, CVE-2013-1976, CVE-2013-2067

BID: 59797, 59799, 60186, 60634

MDVSA: 2014:042