Synopsis
The remote Apache Tomcat server is affected by multiple vulnerabilities.
Description
According to its self-reported version number, the instance of Apache Tomcat 6.0 listening on the remote host is prior to 6.0.28. It is, therefore, affected by multiple vulnerabilities:
- If a web app is configured to use BASIC or DIGEST authentication and the 'realm-name' attribute is not configured in that web app's 'web.xml' file, the remote server's hostname or IP will be included in replies. (CVE-2010-1157)
- An error exists in the handling of invalid values in the 'Transfer-Encoding' header of a request. An attacker can exploit this to cause a denial of service or to disclose sensitive information. (CVE-2010-2227)
Note that Nessus Network Monitor has not tested for these issues but has instead relied only on the application's self-reported version number.
Solution
Upgrade to Apache Tomcat 6.0.28 or later.