SynopsisThe remote Apache Tomcat server is affected by multiple vulnerabilities.
DescriptionAccording to its self-reported version number, the instance of Apache Tomcat 6.0.x listening on the remote host is prior to 6.0.39. It is, therefore, affected by the following vulnerabilities :
- The version of Java used to build the application generates Javadoc containing a frame injection error.
- The fix for CVE-2005-2090 was not complete and the application does not reject requests with multiple Content-Length HTTP headers or with Content-Length HTTP headers when using chunked encoding.
- The fix for CVE-2012-3544 was not complete and limits are not properly applied to chunk extensions and whitespaces in certain trailing headers. This error allows denial of service attacks. (CVE-2013-4322)
- The application allows XML External Entity (XXE) processing that discloses sensitive information.
- An error exists related to the 'disableURLRewriting' configuration option and session IDs. (CVE-2014-0033)
Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.
SolutionUpgrade to Apache Tomcat version 6.0.39 or later.