Vulnerabilities > CVE-2014-0230 - Resource Management Errors vulnerability in multiple products
Attack vector
UNKNOWN Attack complexity
UNKNOWN Privileges required
UNKNOWN Confidentiality impact
UNKNOWN Integrity impact
UNKNOWN Availability impact
UNKNOWN Summary
Apache Tomcat 6.x before 6.0.44, 7.x before 7.0.55, and 8.x before 8.0.9 does not properly handle cases where an HTTP response occurs before finishing the reading of an entire request body, which allows remote attackers to cause a denial of service (thread consumption) via a series of aborted upload attempts.
Vulnerable Configurations
Common Weakness Enumeration (CWE)
Nessus
NASL family Ubuntu Local Security Checks NASL id UBUNTU_USN-2654-1.NASL description It was discovered that the Tomcat XML parser incorrectly handled XML External Entities (XXE). A remote attacker could possibly use this issue to read arbitrary files. This issue only affected Ubuntu 14.04 LTS. (CVE-2014-0119) It was discovered that Tomcat incorrectly handled data with malformed chunked transfer coding. A remote attacker could possibly use this issue to conduct HTTP request smuggling attacks, or cause Tomcat to consume resources, resulting in a denial of service. This issue only affected Ubuntu 14.04 LTS. (CVE-2014-0227) It was discovered that Tomcat incorrectly handled HTTP responses occurring before the entire request body was finished being read. A remote attacker could possibly use this issue to cause memory consumption, resulting in a denial of service. This issue only affected Ubuntu 14.04 LTS. (CVE-2014-0230) It was discovered that the Tomcat Expression Language (EL) implementation incorrectly handled accessible interfaces implemented by inaccessible classes. An attacker could possibly use this issue to bypass a SecurityManager protection mechanism. (CVE-2014-7810). Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-06-01 modified 2020-06-02 plugin id 84429 published 2015-06-26 reporter Ubuntu Security Notice (C) 2015-2019 Canonical, Inc. / NASL script (C) 2015-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/84429 title Ubuntu 14.04 LTS / 14.10 / 15.04 : tomcat7 vulnerabilities (USN-2654-1) code # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from Ubuntu Security Notice USN-2654-1. The text # itself is copyright (C) Canonical, Inc. See # <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered # trademark of Canonical, Inc. # include("compat.inc"); if (description) { script_id(84429); script_version("2.13"); script_cvs_date("Date: 2019/09/18 12:31:44"); script_cve_id("CVE-2014-0119", "CVE-2014-0227", "CVE-2014-0230", "CVE-2014-7810"); script_bugtraq_id(67669, 72717, 74475, 74665); script_xref(name:"USN", value:"2654-1"); script_name(english:"Ubuntu 14.04 LTS / 14.10 / 15.04 : tomcat7 vulnerabilities (USN-2654-1)"); script_summary(english:"Checks dpkg output for updated package."); script_set_attribute( attribute:"synopsis", value:"The remote Ubuntu host is missing a security-related patch." ); script_set_attribute( attribute:"description", value: "It was discovered that the Tomcat XML parser incorrectly handled XML External Entities (XXE). A remote attacker could possibly use this issue to read arbitrary files. This issue only affected Ubuntu 14.04 LTS. (CVE-2014-0119) It was discovered that Tomcat incorrectly handled data with malformed chunked transfer coding. A remote attacker could possibly use this issue to conduct HTTP request smuggling attacks, or cause Tomcat to consume resources, resulting in a denial of service. This issue only affected Ubuntu 14.04 LTS. (CVE-2014-0227) It was discovered that Tomcat incorrectly handled HTTP responses occurring before the entire request body was finished being read. A remote attacker could possibly use this issue to cause memory consumption, resulting in a denial of service. This issue only affected Ubuntu 14.04 LTS. (CVE-2014-0230) It was discovered that the Tomcat Expression Language (EL) implementation incorrectly handled accessible interfaces implemented by inaccessible classes. An attacker could possibly use this issue to bypass a SecurityManager protection mechanism. (CVE-2014-7810). Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues." ); script_set_attribute( attribute:"see_also", value:"https://usn.ubuntu.com/2654-1/" ); script_set_attribute( attribute:"solution", value:"Update the affected libtomcat7-java package." ); script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C"); script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C"); script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available"); script_set_attribute(attribute:"exploit_available", value:"false"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:libtomcat7-java"); script_set_attribute(attribute:"cpe", value:"cpe:/o:canonical:ubuntu_linux:14.04"); script_set_attribute(attribute:"cpe", value:"cpe:/o:canonical:ubuntu_linux:14.10"); script_set_attribute(attribute:"cpe", value:"cpe:/o:canonical:ubuntu_linux:15.04"); script_set_attribute(attribute:"vuln_publication_date", value:"2014/05/31"); script_set_attribute(attribute:"patch_publication_date", value:"2015/06/25"); script_set_attribute(attribute:"plugin_publication_date", value:"2015/06/26"); script_set_attribute(attribute:"generated_plugin", value:"current"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"Ubuntu Security Notice (C) 2015-2019 Canonical, Inc. / NASL script (C) 2015-2019 and is owned by Tenable, Inc. or an Affiliate thereof."); script_family(english:"Ubuntu Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/cpu", "Host/Ubuntu", "Host/Ubuntu/release", "Host/Debian/dpkg-l"); exit(0); } include("audit.inc"); include("ubuntu.inc"); include("misc_func.inc"); if ( ! get_kb_item("Host/local_checks_enabled") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); release = get_kb_item("Host/Ubuntu/release"); if ( isnull(release) ) audit(AUDIT_OS_NOT, "Ubuntu"); release = chomp(release); if (! preg(pattern:"^(14\.04|14\.10|15\.04)$", string:release)) audit(AUDIT_OS_NOT, "Ubuntu 14.04 / 14.10 / 15.04", "Ubuntu " + release); if ( ! get_kb_item("Host/Debian/dpkg-l") ) audit(AUDIT_PACKAGE_LIST_MISSING); cpu = get_kb_item("Host/cpu"); if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH); if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Ubuntu", cpu); flag = 0; if (ubuntu_check(osver:"14.04", pkgname:"libtomcat7-java", pkgver:"7.0.52-1ubuntu0.3")) flag++; if (ubuntu_check(osver:"14.10", pkgname:"libtomcat7-java", pkgver:"7.0.55-1ubuntu0.2")) flag++; if (ubuntu_check(osver:"15.04", pkgname:"libtomcat7-java", pkgver:"7.0.56-2ubuntu0.1")) flag++; if (flag) { security_report_v4( port : 0, severity : SECURITY_HOLE, extra : ubuntu_report_get() ); exit(0); } else { tested = ubuntu_pkg_tests_get(); if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested); else audit(AUDIT_PACKAGE_NOT_INSTALLED, "libtomcat7-java"); }NASL family Amazon Linux Local Security Checks NASL id ALA_ALAS-2016-656.NASL description It was found that the expression language resolver evaluated expressions within a privileged code section. A malicious web application could use this flaw to bypass security manager protections. (CVE-2014-7810) It was found that Tomcat would keep connections open after processing requests with a large enough request body. A remote attacker could potentially use this flaw to exhaust the pool of available connections and preventing further, legitimate connections to the Tomcat server to be made. (CVE-2014-0230) last seen 2020-06-01 modified 2020-06-02 plugin id 89837 published 2016-03-11 reporter This script is Copyright (C) 2016-2018 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/89837 title Amazon Linux AMI : tomcat6 (ALAS-2016-656) code # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from Amazon Linux AMI Security Advisory ALAS-2016-656. # include("compat.inc"); if (description) { script_id(89837); script_version("2.2"); script_cvs_date("Date: 2018/04/18 15:09:35"); script_cve_id("CVE-2014-0230", "CVE-2014-7810"); script_xref(name:"ALAS", value:"2016-656"); script_name(english:"Amazon Linux AMI : tomcat6 (ALAS-2016-656)"); script_summary(english:"Checks rpm output for the updated packages"); script_set_attribute( attribute:"synopsis", value:"The remote Amazon Linux AMI host is missing a security update." ); script_set_attribute( attribute:"description", value: "It was found that the expression language resolver evaluated expressions within a privileged code section. A malicious web application could use this flaw to bypass security manager protections. (CVE-2014-7810) It was found that Tomcat would keep connections open after processing requests with a large enough request body. A remote attacker could potentially use this flaw to exhaust the pool of available connections and preventing further, legitimate connections to the Tomcat server to be made. (CVE-2014-0230)" ); script_set_attribute( attribute:"see_also", value:"https://alas.aws.amazon.com/ALAS-2016-656.html" ); script_set_attribute( attribute:"solution", value:"Run 'yum update tomcat6' to update your system." ); script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:tomcat6"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:tomcat6-admin-webapps"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:tomcat6-docs-webapp"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:tomcat6-el-2.1-api"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:tomcat6-javadoc"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:tomcat6-jsp-2.1-api"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:tomcat6-lib"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:tomcat6-servlet-2.5-api"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:tomcat6-webapps"); script_set_attribute(attribute:"cpe", value:"cpe:/o:amazon:linux"); script_set_attribute(attribute:"patch_publication_date", value:"2016/03/10"); script_set_attribute(attribute:"plugin_publication_date", value:"2016/03/11"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2016-2018 Tenable Network Security, Inc."); script_family(english:"Amazon Linux Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/AmazonLinux/release", "Host/AmazonLinux/rpm-list"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("rpm.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); release = get_kb_item("Host/AmazonLinux/release"); if (isnull(release) || !strlen(release)) audit(AUDIT_OS_NOT, "Amazon Linux"); os_ver = pregmatch(pattern: "^AL(A|\d)", string:release); if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Amazon Linux"); os_ver = os_ver[1]; if (os_ver != "A") { if (os_ver == 'A') os_ver = 'AMI'; audit(AUDIT_OS_NOT, "Amazon Linux AMI", "Amazon Linux " + os_ver); } if (!get_kb_item("Host/AmazonLinux/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING); flag = 0; if (rpm_check(release:"ALA", reference:"tomcat6-6.0.44-1.3.amzn1")) flag++; if (rpm_check(release:"ALA", reference:"tomcat6-admin-webapps-6.0.44-1.3.amzn1")) flag++; if (rpm_check(release:"ALA", reference:"tomcat6-docs-webapp-6.0.44-1.3.amzn1")) flag++; if (rpm_check(release:"ALA", reference:"tomcat6-el-2.1-api-6.0.44-1.3.amzn1")) flag++; if (rpm_check(release:"ALA", reference:"tomcat6-javadoc-6.0.44-1.3.amzn1")) flag++; if (rpm_check(release:"ALA", reference:"tomcat6-jsp-2.1-api-6.0.44-1.3.amzn1")) flag++; if (rpm_check(release:"ALA", reference:"tomcat6-lib-6.0.44-1.3.amzn1")) flag++; if (rpm_check(release:"ALA", reference:"tomcat6-servlet-2.5-api-6.0.44-1.3.amzn1")) flag++; if (rpm_check(release:"ALA", reference:"tomcat6-webapps-6.0.44-1.3.amzn1")) flag++; if (flag) { if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get()); else security_hole(0); exit(0); } else { tested = pkg_tests_get(); if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested); else audit(AUDIT_PACKAGE_NOT_INSTALLED, "tomcat6 / tomcat6-admin-webapps / tomcat6-docs-webapp / etc"); }NASL family Oracle Linux Local Security Checks NASL id ORACLELINUX_ELSA-2016-2599.NASL description From Red Hat Security Advisory 2016:2599 : An update for tomcat is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. Apache Tomcat is a servlet container for the Java Servlet and JavaServer Pages (JSP) technologies. The following packages have been upgraded to a newer upstream version: tomcat (7.0.69). (BZ#1287928) Security Fix(es) : * A CSRF flaw was found in Tomcat last seen 2020-06-01 modified 2020-06-02 plugin id 94718 published 2016-11-11 reporter This script is Copyright (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/94718 title Oracle Linux 7 : tomcat (ELSA-2016-2599) code # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from Red Hat Security Advisory RHSA-2016:2599 and # Oracle Linux Security Advisory ELSA-2016-2599 respectively. # include("compat.inc"); if (description) { script_id(94718); script_version("2.6"); script_cvs_date("Date: 2019/09/27 13:00:37"); script_cve_id("CVE-2014-0230", "CVE-2015-5174", "CVE-2015-5345", "CVE-2015-5351", "CVE-2016-0706", "CVE-2016-0714", "CVE-2016-0763", "CVE-2016-3092"); script_xref(name:"RHSA", value:"2016:2599"); script_name(english:"Oracle Linux 7 : tomcat (ELSA-2016-2599)"); script_summary(english:"Checks rpm output for the updated packages"); script_set_attribute( attribute:"synopsis", value:"The remote Oracle Linux host is missing one or more security updates." ); script_set_attribute( attribute:"description", value: "From Red Hat Security Advisory 2016:2599 : An update for tomcat is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. Apache Tomcat is a servlet container for the Java Servlet and JavaServer Pages (JSP) technologies. The following packages have been upgraded to a newer upstream version: tomcat (7.0.69). (BZ#1287928) Security Fix(es) : * A CSRF flaw was found in Tomcat's the index pages for the Manager and Host Manager applications. These applications included a valid CSRF token when issuing a redirect as a result of an unauthenticated request to the root of the web application. This token could then be used by an attacker to perform a CSRF attack. (CVE-2015-5351) * It was found that several Tomcat session persistence mechanisms could allow a remote, authenticated user to bypass intended SecurityManager restrictions and execute arbitrary code in a privileged context via a web application that placed a crafted object in a session. (CVE-2016-0714) * A security manager bypass flaw was found in Tomcat that could allow remote, authenticated users to access arbitrary application data, potentially resulting in a denial of service. (CVE-2016-0763) * A denial of service vulnerability was identified in Commons FileUpload that occurred when the length of the multipart boundary was just below the size of the buffer (4096 bytes) used to read the uploaded file if the boundary was the typical tens of bytes long. (CVE-2016-3092) * A directory traversal flaw was found in Tomcat's RequestUtil.java. A remote, authenticated user could use this flaw to bypass intended SecurityManager restrictions and list a parent directory via a '/..' in a pathname used by a web application in a getResource, getResourceAsStream, or getResourcePaths call. (CVE-2015-5174) * It was found that Tomcat could reveal the presence of a directory even when that directory was protected by a security constraint. A user could make a request to a directory via a URL not ending with a slash and, depending on whether Tomcat redirected that request, could confirm whether that directory existed. (CVE-2015-5345) * It was found that Tomcat allowed the StatusManagerServlet to be loaded by a web application when a security manager was configured. This allowed a web application to list all deployed web applications and expose sensitive information such as session IDs. (CVE-2016-0706) Additional Changes : For detailed information on changes in this release, see the Red Hat Enterprise Linux 7.3 Release Notes linked from the References section." ); script_set_attribute( attribute:"see_also", value:"https://oss.oracle.com/pipermail/el-errata/2016-November/006483.html" ); script_set_attribute( attribute:"solution", value:"Update the affected tomcat packages." ); script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C"); script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C"); script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"); script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C"); script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available"); script_set_attribute(attribute:"exploit_available", value:"false"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:tomcat"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:tomcat-admin-webapps"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:tomcat-docs-webapp"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:tomcat-el-2.2-api"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:tomcat-javadoc"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:tomcat-jsp-2.2-api"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:tomcat-jsvc"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:tomcat-lib"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:tomcat-servlet-3.0-api"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:tomcat-webapps"); script_set_attribute(attribute:"cpe", value:"cpe:/o:oracle:linux:7"); script_set_attribute(attribute:"vuln_publication_date", value:"2015/06/07"); script_set_attribute(attribute:"patch_publication_date", value:"2016/11/10"); script_set_attribute(attribute:"plugin_publication_date", value:"2016/11/11"); script_set_attribute(attribute:"generated_plugin", value:"current"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof."); script_family(english:"Oracle Linux Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/OracleLinux", "Host/RedHat/release", "Host/RedHat/rpm-list"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("rpm.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); if (!get_kb_item("Host/OracleLinux")) audit(AUDIT_OS_NOT, "Oracle Linux"); release = get_kb_item("Host/RedHat/release"); if (isnull(release) || !pregmatch(pattern: "Oracle (?:Linux Server|Enterprise Linux)", string:release)) audit(AUDIT_OS_NOT, "Oracle Linux"); os_ver = pregmatch(pattern: "Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\.[0-9]+)?)", string:release); if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Oracle Linux"); os_ver = os_ver[1]; if (! preg(pattern:"^7([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Oracle Linux 7", "Oracle Linux " + os_ver); if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING); cpu = get_kb_item("Host/cpu"); if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH); if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Oracle Linux", cpu); if ("x86_64" >!< cpu) audit(AUDIT_ARCH_NOT, "x86_64", cpu); flag = 0; if (rpm_check(release:"EL7", cpu:"x86_64", reference:"tomcat-7.0.69-10.el7")) flag++; if (rpm_check(release:"EL7", cpu:"x86_64", reference:"tomcat-admin-webapps-7.0.69-10.el7")) flag++; if (rpm_check(release:"EL7", cpu:"x86_64", reference:"tomcat-docs-webapp-7.0.69-10.el7")) flag++; if (rpm_check(release:"EL7", cpu:"x86_64", reference:"tomcat-el-2.2-api-7.0.69-10.el7")) flag++; if (rpm_check(release:"EL7", cpu:"x86_64", reference:"tomcat-javadoc-7.0.69-10.el7")) flag++; if (rpm_check(release:"EL7", cpu:"x86_64", reference:"tomcat-jsp-2.2-api-7.0.69-10.el7")) flag++; if (rpm_check(release:"EL7", cpu:"x86_64", reference:"tomcat-jsvc-7.0.69-10.el7")) flag++; if (rpm_check(release:"EL7", cpu:"x86_64", reference:"tomcat-lib-7.0.69-10.el7")) flag++; if (rpm_check(release:"EL7", cpu:"x86_64", reference:"tomcat-servlet-3.0-api-7.0.69-10.el7")) flag++; if (rpm_check(release:"EL7", cpu:"x86_64", reference:"tomcat-webapps-7.0.69-10.el7")) flag++; if (flag) { if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get()); else security_hole(0); exit(0); } else { tested = pkg_tests_get(); if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested); else audit(AUDIT_PACKAGE_NOT_INSTALLED, "tomcat / tomcat-admin-webapps / tomcat-docs-webapp / etc"); }NASL family Misc. NASL id ORACLE_SECURE_GLOBAL_DESKTOP_JUL_2015_CPU.NASL description The Oracle Secure Global Desktop installed on the remote host is version 4.63 / 4.71 / 5.1 / 5.2. It is, therefore, affected by the following vulnerabilities : - A security bypass vulnerability exists in Kerberos 5 due to a failure to properly determine the acceptability of checksums. A remote attacker can exploit this to forge tokens or gain privileges by using an unkeyed checksum. (CVE-2010-1324) - A NULL pointer deference flaw exists in the function bdfReadCharacters() in file bdfread.c of the X.Org libXfont module due to improper handling of non-readable character bitmaps. An authenticated, remote attacker, using a crafted BDF font file, can exploit this to cause a denial of service or execute arbitrary code. (CVE-2015-1803) - An out-of-bounds read/write error exists in the SProcXFixesSelectSelectionInput() function in the XFixes extension. A remote, authenticated attacker, using a crafted length value, can exploit this to cause a denial of service or execute arbitrary code. (CVE-2014-8102) - A remote attacker, by using a crafted string length value in an XkbSetGeometry request, can gain access to sensitive information from process memory or cause a denial of service. (CVE-2015-0255) - An invalid read error exists in the ASN1_TYPE_cmp() function due to improperly performed boolean-type comparisons. A remote attacker can exploit this, via a crafted X.509 certificate to an endpoint that uses the certificate-verification feature, to cause an invalid read operation, resulting in a denial of service. (CVE-2015-0286) - A denial of service vulnerability exists in Apache Tomcat due to improper handling of HTTP responses that occurs before finishing reading an entire request body. A remote attacker can exploit this by using a crafted series of aborted upload attempts. (CVE-2014-0230) - A denial of service vulnerability exists in Apache Tomcat in ChunkedInputFilter.java due to improper handling of attempts to read data after an error has occurred. A remote attacker can exploit this by streaming data with malformed chunked-transfer encoding. (CVE-2014-0227) - A NULL pointer dereference flaw exists in the dtls1_get_record() function when handling DTLS messages. A remote attacker, using a specially crafted DTLS message, can cause a denial of service. (CVE-2014-3571) - An unspecified flaw exists that is related to the JServer subcomponent. A remote attacker can exploit this to impact confidentiality and integrity. No further details have been provided. (CVE-2015-2581) last seen 2020-06-01 modified 2020-06-02 plugin id 84795 published 2015-07-16 reporter This script is Copyright (C) 2015-2018 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/84795 title Oracle Secure Global Desktop Multiple Vulnerabilities (July 2015 CPU) NASL family Red Hat Local Security Checks NASL id REDHAT-RHSA-2016-0596.NASL description A Red Hat JBoss Enterprise Application Platform update is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. Red Hat JBoss Enterprise Application Platform 6 is a platform for Java applications based on JBoss Application Server 7. This release serves as a replacement for Red Hat JBoss Enterprise Application Platform 6.4.6, and includes bug fixes and enhancements. Documentation for these changes will be available shortly from the Red Hat JBoss Enterprise Application Platform 6.4.7 Release Notes, linked to in the References. Security Fix(es) : * A read-timeout flaw was found in the HTTPS NIO Connector handling of SSL handshakes. A remote, unauthenticated attacker could create a socket and cause a thread to remain occupied indefinitely so long as the socket remained open (denial of service). (CVE-2016-2094) * It was found that Tomcat would keep connections open after processing requests with a large enough request body. A remote attacker could potentially use this flaw to exhaust the pool of available connections and preventing further, legitimate connections to the Tomcat server to be made. (CVE-2014-0230) The CVE-2016-2094 issue was discovered by Aaron Ogburn of Red Hat. last seen 2020-06-01 modified 2020-06-02 plugin id 90389 published 2016-04-07 reporter This script is Copyright (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/90389 title RHEL 6 : JBoss EAP (RHSA-2016:0596) NASL family Debian Local Security Checks NASL id DEBIAN_DSA-3447.NASL description It was discovered that malicious web applications could use the Expression Language to bypass protections of a Security Manager as expressions were evaluated within a privileged code section. last seen 2020-06-01 modified 2020-06-02 plugin id 87979 published 2016-01-19 reporter This script is Copyright (C) 2016-2018 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/87979 title Debian DSA-3447-1 : tomcat7 - security update NASL family Debian Local Security Checks NASL id DEBIAN_DLA-232.NASL description The following vulnerabilities were found in Apache Tomcat 6 : CVE-2014-0227 The Tomcat security team identified that it was possible to conduct HTTP request smuggling attacks or cause a DoS by streaming malformed data. CVE-2014-0230 AntBean@secdig, from the Baidu Security Team, disclosed that it was possible to cause a limited DoS attack by feeding data by aborting an upload. CVE-2014-7810 The Tomcat security team identified that malicious web applications could bypass the Security Manager by the use of expression language. For Debian 6 last seen 2020-03-17 modified 2015-05-29 plugin id 83887 published 2015-05-29 reporter This script is Copyright (C) 2015-2020 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/83887 title Debian DLA-232-1 : tomcat6 security update NASL family FreeBSD Local Security Checks NASL id FREEBSD_PKG_25E0593D13C011E59AFB3C970E169BC2.NASL description Apache Software Foundation reports : Low: Denial of Service CVE-2014-0230 When a response for a request with a request body is returned to the user agent before the request body is fully read, by default Tomcat swallows the remaining request body so that the next request on the connection may be processed. There was no limit to the size of request body that Tomcat would swallow. This permitted a limited Denial of Service as Tomcat would never close the connection and a processing thread would remain allocated to the connection. Moderate: Security Manager bypass CVE-2014-7810 Malicious web applications could use expression language to bypass the protections of a Security Manager as expressions were evaluated within a privileged code section. last seen 2020-06-01 modified 2020-06-02 plugin id 84201 published 2015-06-16 reporter This script is Copyright (C) 2015-2018 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/84201 title FreeBSD : tomcat -- multiple vulnerabilities (25e0593d-13c0-11e5-9afb-3c970e169bc2) NASL family Web Servers NASL id TOMCAT_6_0_44.NASL description According to its self-reported version number, the Apache Tomcat service listening on the remote host is 6.0.x prior to 6.0.44. It is, therefore, affected by multiple vulnerabilities : - An error exists due to a failure to limit the size of discarded requests. A remote attacker can exploit this to exhaust available memory resources, resulting in a denial of service condition. (CVE-2014-0230) - A NULL pointer dereference flaw exists when the SSLv3 option isn last seen 2020-04-30 modified 2015-05-15 plugin id 83490 published 2015-05-15 reporter This script is Copyright (C) 2015-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/83490 title Apache Tomcat 6.0.x < 6.0.44 Multiple Vulnerabilities (FREAK) NASL family Red Hat Local Security Checks NASL id REDHAT-RHSA-2016-0598.NASL description A jboss-ec2-eap update is now available for Red Hat JBoss Enterprise Application Platform 6.4.7 on Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. Red Hat JBoss Enterprise Application Platform 6 is a platform for Java applications based on JBoss Application Server 7. The jboss-ec2-eap packages provide scripts for Red Hat JBoss Enterprise Application Platform running on the Amazon Web Services (AWS) Elastic Compute Cloud (EC2). With this update, the packages have been updated to ensure compatibility with Red Hat JBoss Enterprise Application Platform 6.4.7. Security Fix(es) : * A read-timeout flaw was found in the HTTPS NIO Connector handling of SSL handshakes. A remote, unauthenticated attacker could create a socket and cause a thread to remain occupied indefinitely so long as the socket remained open (denial of service). (CVE-2016-2094) * It was found that Tomcat would keep connections open after processing requests with a large enough request body. A remote attacker could potentially use this flaw to exhaust the pool of available connections and preventing further, legitimate connections to the Tomcat server to be made. (CVE-2014-0230) The CVE-2016-2094 issue was discovered by Aaron Ogburn of Red Hat. last seen 2020-06-01 modified 2020-06-02 plugin id 90390 published 2016-04-07 reporter This script is Copyright (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/90390 title RHEL 6 : jboss-ec2-eap (RHSA-2016:0598) NASL family F5 Networks Local Security Checks NASL id F5_BIGIP_SOL17123.NASL description Apache Tomcat 6.x before 6.0.44, 7.x before 7.0.55, and 8.x before 8.0.9 does not properly handle cases where an HTTP response occurs before finishing the reading of an entire request body, which allows remote attackers to cause a denial of service (thread consumption) via a series of aborted upload attempts. last seen 2020-06-01 modified 2020-06-02 plugin id 91301 published 2016-05-24 reporter This script is Copyright (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/91301 title F5 Networks BIG-IP : Apache Tomcat vulnerability (SOL17123) NASL family CentOS Local Security Checks NASL id CENTOS_RHSA-2016-2599.NASL description An update for tomcat is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. Apache Tomcat is a servlet container for the Java Servlet and JavaServer Pages (JSP) technologies. The following packages have been upgraded to a newer upstream version: tomcat (7.0.69). (BZ#1287928) Security Fix(es) : * A CSRF flaw was found in Tomcat last seen 2020-06-01 modified 2020-06-02 plugin id 95345 published 2016-11-28 reporter This script is Copyright (C) 2016-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/95345 title CentOS 7 : tomcat (CESA-2016:2599) NASL family Debian Local Security Checks NASL id DEBIAN_DSA-3530.NASL description Multiple security vulnerabilities have been fixed in the Tomcat servlet and JSP engine, which may result on bypass of security manager restrictions, information disclosure, denial of service or session fixation. last seen 2020-06-01 modified 2020-06-02 plugin id 90205 published 2016-03-28 reporter This script is Copyright (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/90205 title Debian DSA-3530-1 : tomcat6 - security update NASL family Red Hat Local Security Checks NASL id REDHAT-RHSA-2015-2660.NASL description Updated Red Hat JBoss Web Server 3.0.2 packages are now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having Moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. Red Hat JBoss Web Server is a fully integrated and certified set of components for hosting Java web applications. It is comprised of the Apache HTTP Server, the Apache Tomcat Servlet container, Apache Tomcat Connector (mod_jk), JBoss HTTP Connector (mod_cluster), Hibernate, and the Tomcat Native library. It was found that Tomcat would keep connections open after processing requests with a large enough request body. A remote attacker could potentially use this flaw to exhaust the pool of available connections and prevent further, legitimate connections to the Tomcat server. (CVE-2014-0230) A flaw was found in the way httpd handled HTTP Trailer headers when processing requests using chunked encoding. A malicious client could use Trailer headers to set additional HTTP headers after header processing was performed by other modules. This could, for example, lead to a bypass of header restrictions defined with mod_headers. (CVE-2013-5704) Multiple flaws were found in the way httpd parsed HTTP requests and responses using chunked transfer encoding. A remote attacker could use these flaws to create a specially crafted request, which httpd would decode differently from an HTTP proxy software in front of it, possibly leading to HTTP request smuggling attacks. (CVE-2015-3183) * This enhancement update adds the Red Hat JBoss Web Server 3.0.2 packages to Red Hat Enterprise Linux 7. These packages provide a number of enhancements over the previous version of Red Hat JBoss Web Server. (JIRA#JWS-229) Users of Red Hat JBoss Web Server are advised to upgrade to these updated packages, which add this enhancement. last seen 2020-06-01 modified 2020-06-02 plugin id 87458 published 2015-12-17 reporter This script is Copyright (C) 2015-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/87458 title RHEL 7 : JBoss Web Server (RHSA-2015:2660) NASL family Red Hat Local Security Checks NASL id REDHAT-RHSA-2016-0597.NASL description A Red Hat JBoss Enterprise Application Platform update is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. Red Hat JBoss Enterprise Application Platform 6 is a platform for Java applications based on JBoss Application Server 7. This release serves as a replacement for Red Hat JBoss Enterprise Application Platform 6.4.6, and includes bug fixes and enhancements. Documentation for these changes will be available shortly from the Red Hat JBoss Enterprise Application Platform 6.4.7 Release Notes, linked to in the References. Security Fix(es) : * A read-timeout flaw was found in the HTTPS NIO Connector handling of SSL handshakes. A remote, unauthenticated attacker could create a socket and cause a thread to remain occupied indefinitely so long as the socket remained open (denial of service). (CVE-2016-2094) * It was found that Tomcat would keep connections open after processing requests with a large enough request body. A remote attacker could potentially use this flaw to exhaust the pool of available connections and preventing further, legitimate connections to the Tomcat server to be made. (CVE-2014-0230) The CVE-2016-2094 issue was discovered by Aaron Ogburn of Red Hat. last seen 2020-06-01 modified 2020-06-02 plugin id 90990 published 2016-05-09 reporter This script is Copyright (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/90990 title RHEL 7 : JBoss EAP (RHSA-2016:0597) NASL family Web Servers NASL id TOMCAT_8_0_9.NASL description According to its self-reported version number, the Apache Tomcat server running on the remote host is 8.0.x prior to version 8.0.9. It is, therefore, affected by the following vulnerabilities : - A flaw in last seen 2020-03-18 modified 2015-03-01 plugin id 81580 published 2015-03-01 reporter This script is Copyright (C) 2015-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/81580 title Apache Tomcat 8.0.x < 8.0.9 Multiple DoS NASL family Red Hat Local Security Checks NASL id REDHAT-RHSA-2016-0595.NASL description A Red Hat JBoss Enterprise Application Platform update is now available for Red Hat Enterprise Linux 5. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. Red Hat JBoss Enterprise Application Platform 6 is a platform for Java applications based on JBoss Application Server 7. This release serves as a replacement for Red Hat JBoss Enterprise Application Platform 6.4.6, and includes bug fixes and enhancements. Documentation for these changes will be available shortly from the Red Hat JBoss Enterprise Application Platform 6.4.7 Release Notes, linked to in the References. Security Fix(es) : * A read-timeout flaw was found in the HTTPS NIO Connector handling of SSL handshakes. A remote, unauthenticated attacker could create a socket and cause a thread to remain occupied indefinitely so long as the socket remained open (denial of service). (CVE-2016-2094) * It was found that Tomcat would keep connections open after processing requests with a large enough request body. A remote attacker could potentially use this flaw to exhaust the pool of available connections and preventing further, legitimate connections to the Tomcat server to be made. (CVE-2014-0230) The CVE-2016-2094 issue was discovered by Aaron Ogburn of Red Hat. last seen 2020-06-01 modified 2020-06-02 plugin id 90388 published 2016-04-07 reporter This script is Copyright (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/90388 title RHEL 5 : JBoss EAP (RHSA-2016:0595) NASL family Red Hat Local Security Checks NASL id REDHAT-RHSA-2016-2599.NASL description An update for tomcat is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. Apache Tomcat is a servlet container for the Java Servlet and JavaServer Pages (JSP) technologies. The following packages have been upgraded to a newer upstream version: tomcat (7.0.69). (BZ#1287928) Security Fix(es) : * A CSRF flaw was found in Tomcat last seen 2020-06-01 modified 2020-06-02 plugin id 94562 published 2016-11-04 reporter This script is Copyright (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/94562 title RHEL 7 : tomcat (RHSA-2016:2599) NASL family Ubuntu Local Security Checks NASL id UBUNTU_USN-2655-1.NASL description It was discovered that Tomcat incorrectly handled data with malformed chunked transfer coding. A remote attacker could possibly use this issue to conduct HTTP request smuggling attacks, or cause Tomcat to consume resources, resulting in a denial of service. (CVE-2014-0227) It was discovered that Tomcat incorrectly handled HTTP responses occurring before the entire request body was finished being read. A remote attacker could possibly use this issue to cause memory consumption, resulting in a denial of service. (CVE-2014-0230) It was discovered that the Tomcat Expression Language (EL) implementation incorrectly handled accessible interfaces implemented by inaccessible classes. An attacker could possibly use this issue to bypass a SecurityManager protection mechanism. (CVE-2014-7810). Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-06-01 modified 2020-06-02 plugin id 84430 published 2015-06-26 reporter Ubuntu Security Notice (C) 2015-2019 Canonical, Inc. / NASL script (C) 2015-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/84430 title Ubuntu 12.04 LTS : tomcat6 vulnerabilities (USN-2655-1) NASL family Red Hat Local Security Checks NASL id REDHAT-RHSA-2015-1622.NASL description Updated tomcat6 and tomcat7 packages that fix two security issues are now available for Red Hat JBoss Web Server 2.1.0 on Red Hat Enterprise Linux 5, 6, and 7. Red Hat Product Security has rated this update as having Moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. Red Hat JBoss Web Server is a fully integrated and certified set of components for hosting Java web applications. It is comprised of the Apache HTTP Server, the Apache Tomcat Servlet container, Apache Tomcat Connector (mod_jk), JBoss HTTP Connector (mod_cluster), Hibernate, and the Tomcat Native library. It was found that the expression language resolver evaluated expressions within a privileged code section. A malicious web application could use this flaw to bypass security manager protections. (CVE-2014-7810) It was found that Tomcat would keep connections open after processing requests with a large enough request body. A remote attacker could potentially use this flaw to exhaust the pool of available connections and preventing further, legitimate connections to the Tomcat server to be made. (CVE-2014-0230) All users of Red Hat JBoss Web Server 2.1.0 as provided from the Red Hat Customer Portal are advised to apply this update. The Red Hat JBoss Web Server process must be restarted for the update to take effect. last seen 2020-06-01 modified 2020-06-02 plugin id 85441 published 2015-08-17 reporter This script is Copyright (C) 2015-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/85441 title RHEL 5 / 6 / 7 : JBoss Web Server (RHSA-2015:1622) NASL family Web Servers NASL id TOMCAT_7_0_55.NASL description According to its self-reported version number, the Apache Tomcat service listening on the remote host is 7.0.x prior to 7.0.55. It is, therefore, affected by the following vulnerabilities : - A race condition exists in the ssl3_read_bytes() function when SSL_MODE_RELEASE_BUFFERS is enabled. This allows a remote attacker to inject data across sessions or cause a denial of service. (CVE-2010-5298) - A buffer overflow error exists related to invalid DTLS fragment handling that can lead to the execution of arbitrary code. Note that this issue only affects OpenSSL when used as a DTLS client or server. (CVE-2014-0195) - An error exists in the do_ssl3_write() function that allows a NULL pointer to be dereferenced, resulting in a denial of service. Note that this issue is exploitable only if last seen 2020-03-18 modified 2014-09-02 plugin id 77475 published 2014-09-02 reporter This script is Copyright (C) 2014-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/77475 title Apache Tomcat 7.0.x < 7.0.55 Multiple Vulnerabilities NASL family Red Hat Local Security Checks NASL id REDHAT-RHSA-2015-2659.NASL description Updated Red Hat JBoss Web Server 3.0.2 packages are now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having Moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. Red Hat JBoss Web Server is a fully integrated and certified set of components for hosting Java web applications. It is comprised of the Apache HTTP Server, the Apache Tomcat Servlet container, Apache Tomcat Connector (mod_jk), JBoss HTTP Connector (mod_cluster), Hibernate, and the Tomcat Native library. It was found that Tomcat would keep connections open after processing requests with a large enough request body. A remote attacker could potentially use this flaw to exhaust the pool of available connections and prevent further, legitimate connections to the Tomcat server. (CVE-2014-0230) A flaw was found in the way httpd handled HTTP Trailer headers when processing requests using chunked encoding. A malicious client could use Trailer headers to set additional HTTP headers after header processing was performed by other modules. This could, for example, lead to a bypass of header restrictions defined with mod_headers. (CVE-2013-5704) Multiple flaws were found in the way httpd parsed HTTP requests and responses using chunked transfer encoding. A remote attacker could use these flaws to create a specially crafted request, which httpd would decode differently from an HTTP proxy software in front of it, possibly leading to HTTP request smuggling attacks. (CVE-2015-3183) * This enhancement update adds the Red Hat JBoss Web Server 3.0.2 packages to Red Hat Enterprise Linux 6. These packages provide a number of enhancements over the previous version of Red Hat JBoss Web Server. (JIRA#JWS-228) Users of Red Hat JBoss Web Server are advised to upgrade to these updated packages, which add this enhancement. last seen 2020-06-01 modified 2020-06-02 plugin id 87457 published 2015-12-17 reporter This script is Copyright (C) 2015-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/87457 title RHEL 6 : JBoss Web Server (RHSA-2015:2659)
Redhat
| advisories |
| ||||||||||||||||||||||||||||||||||||||||
| rpms |
|
References
- http://openwall.com/lists/oss-security/2015/04/10/1
- http://svn.apache.org/viewvc?view=revision&revision=1603770
- http://svn.apache.org/viewvc?view=revision&revision=1603779
- http://tomcat.apache.org/security-6.html
- http://svn.apache.org/viewvc?view=revision&revision=1603775
- http://tomcat.apache.org/security-8.html
- http://tomcat.apache.org/security-7.html
- http://mail-archives.apache.org/mod_mbox/tomcat-announce/201505.mbox/%3C554949D1.8030904%40apache.org%3E
- http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html
- http://www.debian.org/security/2016/dsa-3530
- http://rhn.redhat.com/errata/RHSA-2016-0599.html
- http://rhn.redhat.com/errata/RHSA-2016-0597.html
- http://rhn.redhat.com/errata/RHSA-2016-0598.html
- http://rhn.redhat.com/errata/RHSA-2016-0595.html
- http://rhn.redhat.com/errata/RHSA-2016-0596.html
- https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05054964
- http://marc.info/?l=bugtraq&m=145974991225029&w=2
- http://marc.info/?l=bugtraq&m=144498216801440&w=2
- http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html
- http://rhn.redhat.com/errata/RHSA-2015-2661.html
- https://access.redhat.com/errata/RHSA-2015:2659
- https://access.redhat.com/errata/RHSA-2015:2660
- https://issues.jboss.org/browse/JWS-220
- https://issues.jboss.org/browse/JWS-219
- http://www.debian.org/security/2016/dsa-3447
- https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04851013
- http://rhn.redhat.com/errata/RHSA-2015-1622.html
- http://rhn.redhat.com/errata/RHSA-2015-1621.html
- http://www.ubuntu.com/usn/USN-2655-1
- http://www.securityfocus.com/bid/74475
- http://www.ubuntu.com/usn/USN-2654-1
- http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html
- https://lists.apache.org/thread.html/b8a1bf18155b552dcf9a928ba808cbadad84c236d85eab3033662cfb%40%3Cdev.tomcat.apache.org%3E
- https://lists.apache.org/thread.html/39ae1f0bd5867c15755a6f959b271ade1aea04ccdc3b2e639dcd903b%40%3Cdev.tomcat.apache.org%3E
- https://lists.apache.org/thread.html/37220405a377c0182d2afdbc36461c4783b2930fbeae3a17f1333113%40%3Cdev.tomcat.apache.org%3E
- https://lists.apache.org/thread.html/b84ad1258a89de5c9c853c7f2d3ad77e5b8b2930be9e132d5cef6b95%40%3Cdev.tomcat.apache.org%3E
- https://lists.apache.org/thread.html/r03c597a64de790ba42c167efacfa23300c3d6c9fe589ab87fe02859c%40%3Cdev.tomcat.apache.org%3E
- https://lists.apache.org/thread.html/r9136ff5b13e4f1941360b5a309efee2c114a14855578c3a2cbe5d19c%40%3Cdev.tomcat.apache.org%3E
- https://lists.apache.org/thread.html/r587e50b86c1a96ee301f751d50294072d142fd6dc08a8987ae9f3a9b%40%3Cdev.tomcat.apache.org%3E