Oracle Solaris Third-Party Patch Update : ant (algorithmic_complexity_vulnerability_in_apache)
Medium Nessus Plugin ID 80580
SynopsisThe remote Solaris system is missing a security patch for third-party software.
DescriptionThe remote Solaris system is missing necessary patches to address security updates :
- Algorithmic complexity vulnerability in the sorting algorithms in bzip2 compressing stream (BZip2CompressorOutputStream) in Apache Commons Compress before 1.4.1 allows remote attackers to cause a denial of service (CPU consumption) via a file with many repeating inputs. (CVE-2012-2098)
SolutionUpgrade to Solaris 188.8.131.52.