Lucene search
This script is Copyright (C) 2020-2022 and is owned by Tenable, Inc. or an Affiliate thereof.OPENSUSE-2020-38.NASLHistoryJan 15, 2020 - 12:00 a.m.
openSUSE Security Update : tomcat (openSUSE-2020-38)
2020-01-1500:00:00
This script is Copyright (C) 2020-2022 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
17
5.1 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
HIGH
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:H/Au:N/C:P/I:P/A:P
7.5 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
0.17 Low
EPSS
Percentile
96.1%
This update for tomcat to version 9.0.30 fixes the following issues :
Security issue fixed :
-
CVE-2019-12418: Fixed a local privilege escalation through by manipulating the RMI registry and performing a man-in-the-middle attack (bsc#1159723).
-
CVE-2019-17563: Fixed a session fixation attack when using FORM authentication (bsc#1159729).
This update was imported from the SUSE:SLE-15-SP1:Update update project.
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from openSUSE Security Update openSUSE-2020-38.
#
# The text description of this plugin is (C) SUSE LLC.
#
include('compat.inc');
if (description)
{
script_id(132913);
script_version("1.4");
script_set_attribute(attribute:"plugin_modification_date", value:"2022/12/05");
script_cve_id("CVE-2019-10072", "CVE-2019-12418", "CVE-2019-17563");
script_xref(name:"CEA-ID", value:"CEA-2021-0004");
script_name(english:"openSUSE Security Update : tomcat (openSUSE-2020-38)");
script_set_attribute(attribute:"synopsis", value:
"The remote openSUSE host is missing a security update.");
script_set_attribute(attribute:"description", value:
"This update for tomcat to version 9.0.30 fixes the following issues :
Security issue fixed :
- CVE-2019-12418: Fixed a local privilege escalation
through by manipulating the RMI registry and performing
a man-in-the-middle attack (bsc#1159723).
- CVE-2019-17563: Fixed a session fixation attack when
using FORM authentication (bsc#1159729).
This update was imported from the SUSE:SLE-15-SP1:Update update
project.");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.opensuse.org/show_bug.cgi?id=1139924");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.opensuse.org/show_bug.cgi?id=1159723");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.opensuse.org/show_bug.cgi?id=1159729");
script_set_attribute(attribute:"solution", value:
"Update the affected tomcat packages.");
script_set_cvss_base_vector("CVSS2#AV:N/AC:H/Au:N/C:P/I:P/A:P");
script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H");
script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
script_set_attribute(attribute:"cvss_score_source", value:"CVE-2019-17563");
script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
script_set_attribute(attribute:"vuln_publication_date", value:"2019/06/21");
script_set_attribute(attribute:"patch_publication_date", value:"2020/01/13");
script_set_attribute(attribute:"plugin_publication_date", value:"2020/01/15");
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:tomcat");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:tomcat-admin-webapps");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:tomcat-docs-webapp");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:tomcat-el-3_0-api");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:tomcat-embed");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:tomcat-javadoc");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:tomcat-jsp-2_3-api");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:tomcat-jsvc");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:tomcat-lib");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:tomcat-servlet-4_0-api");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:tomcat-webapps");
script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:opensuse:15.1");
script_set_attribute(attribute:"generated_plugin", value:"current");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_family(english:"SuSE Local Security Checks");
script_copyright(english:"This script is Copyright (C) 2020-2022 and is owned by Tenable, Inc. or an Affiliate thereof.");
script_dependencies("ssh_get_info.nasl");
script_require_keys("Host/local_checks_enabled", "Host/SuSE/release", "Host/SuSE/rpm-list");
exit(0);
}
include("audit.inc");
include("global_settings.inc");
include("rpm.inc");
if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
release = get_kb_item("Host/SuSE/release");
if (isnull(release) || release =~ "^(SLED|SLES)") audit(AUDIT_OS_NOT, "openSUSE");
if (release !~ "^(SUSE15\.1)$") audit(AUDIT_OS_RELEASE_NOT, "openSUSE", "15.1", release);
if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
flag = 0;
if ( rpm_check(release:"SUSE15.1", reference:"tomcat-9.0.30-lp151.3.6.1") ) flag++;
if ( rpm_check(release:"SUSE15.1", reference:"tomcat-admin-webapps-9.0.30-lp151.3.6.1") ) flag++;
if ( rpm_check(release:"SUSE15.1", reference:"tomcat-docs-webapp-9.0.30-lp151.3.6.1") ) flag++;
if ( rpm_check(release:"SUSE15.1", reference:"tomcat-el-3_0-api-9.0.30-lp151.3.6.1") ) flag++;
if ( rpm_check(release:"SUSE15.1", reference:"tomcat-embed-9.0.30-lp151.3.6.1") ) flag++;
if ( rpm_check(release:"SUSE15.1", reference:"tomcat-javadoc-9.0.30-lp151.3.6.1") ) flag++;
if ( rpm_check(release:"SUSE15.1", reference:"tomcat-jsp-2_3-api-9.0.30-lp151.3.6.1") ) flag++;
if ( rpm_check(release:"SUSE15.1", reference:"tomcat-jsvc-9.0.30-lp151.3.6.1") ) flag++;
if ( rpm_check(release:"SUSE15.1", reference:"tomcat-lib-9.0.30-lp151.3.6.1") ) flag++;
if ( rpm_check(release:"SUSE15.1", reference:"tomcat-servlet-4_0-api-9.0.30-lp151.3.6.1") ) flag++;
if ( rpm_check(release:"SUSE15.1", reference:"tomcat-webapps-9.0.30-lp151.3.6.1") ) flag++;
if (flag)
{
if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());
else security_warning(0);
exit(0);
}
else
{
tested = pkg_tests_get();
if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
else audit(AUDIT_PACKAGE_NOT_INSTALLED, "tomcat / tomcat-admin-webapps / tomcat-docs-webapp / etc");
}
| Vendor | Product | Version | CPE |
|---|---|---|---|
| novell | opensuse | tomcat | p-cpe:/a:novell:opensuse:tomcat |
| novell | opensuse | tomcat-admin-webapps | p-cpe:/a:novell:opensuse:tomcat-admin-webapps |
| novell | opensuse | tomcat-docs-webapp | p-cpe:/a:novell:opensuse:tomcat-docs-webapp |
| novell | opensuse | tomcat-el-3_0-api | p-cpe:/a:novell:opensuse:tomcat-el-3_0-api |
| novell | opensuse | tomcat-embed | p-cpe:/a:novell:opensuse:tomcat-embed |
| novell | opensuse | tomcat-javadoc | p-cpe:/a:novell:opensuse:tomcat-javadoc |
| novell | opensuse | tomcat-jsp-2_3-api | p-cpe:/a:novell:opensuse:tomcat-jsp-2_3-api |
| novell | opensuse | tomcat-jsvc | p-cpe:/a:novell:opensuse:tomcat-jsvc |
| novell | opensuse | tomcat-lib | p-cpe:/a:novell:opensuse:tomcat-lib |
| novell | opensuse | tomcat-servlet-4_0-api | p-cpe:/a:novell:opensuse:tomcat-servlet-4_0-api |
References
Related
openvas
openvas
openSUSE: Security Advisory for tomcat (openSUSE-SU-2020:0038-1)
2020-01-14 00:00:00
SUSE: Security Advisory (SUSE-SU-2020:0029-1)
2021-06-09 00:00:00
SUSE: Security Advisory (SUSE-SU-2020:0226-1)
2021-06-09 00:00:00
suse
suse
Security update for tomcat (important)
2020-01-14 00:00:00
amazon
amazon
Medium: tomcat8
2020-01-14 18:18:00
Important: tomcat
2023-05-11 17:49:00
nessus
nessus
Photon OS 2.0: Apache PHSA-2020-2.0-0200
2020-01-16 00:00:00
Debian DLA-2077-1 : tomcat7 security update
2020-01-28 00:00:00
Photon OS 1.0: Apache PHSA-2020-1.0-0264
2020-01-16 00:00:00
mageia
mageia
Updated tomcat packages fix security vulnerabilities
2020-01-28 10:52:40
Updated tomcat packages fix security vulnerabilities
2019-09-08 17:09:05
ibm
ibm
osv
osv
tomcat7 - security update
2020-01-27 00:00:00
tomcat9 - security update
2020-05-06 00:00:00
ubuntu
ubuntu
Tomcat vulnerabilities
2020-01-27 00:00:00
Tomcat vulnerabilities
2019-09-10 00:00:00
Tomcat vulnerabilities
2019-09-18 00:00:00
debian
debian
[SECURITY] [DLA 2077-1] tomcat7 security update
2020-01-27 23:13:25
[SECURITY] [DSA 4680-1] tomcat9 security update
2020-05-06 20:58:40
[SECURITY] [DLA 2155-1] tomcat8 security update
2020-03-24 13:23:18
tomcat
tomcat
Fixed in Apache Tomcat 7.0.99
2019-12-17 00:00:00
Fixed in Apache Tomcat 8.5.50
2019-12-12 00:00:00
Fixed in Apache Tomcat 9.0.30
2019-12-12 00:00:00
gentoo
gentoo
Apache Tomcat: Multiple vulnerabilities
2020-03-19 00:00:00
redhat
redhat
kaspersky
kaspersky
KLA11571 DoS vulnerability in Apache Tomcat
2019-05-13 00:00:00
KLA11626 SB vulnerability in Apache Tomcat
2019-12-12 00:00:00
KLA11627 SB vulnerability in Apache Tomcat
2019-11-21 00:00:00
symantec
symantec
Apache Tomcat CVE-2019-10072 Incomplete Fix Denial of Service Vulnerability
2019-06-20 00:00:00
Apache Tomcat CVE-2019-17563 Session Fixation Vulnerability
2019-12-18 00:00:00
Apache Tomcat CVE-2019-12418 Local Privilege Escalation Vulnerability
2019-12-18 00:00:00
cve
cve
cvelist
cvelist
photon
photon
zdi
zdi
Apache Tomcat reserveWindowSize Denial-Of-Service Vulnerability
2019-06-21 00:00:00
github
github
In Apache Tomcat, when using FORM authentication there was a narrow window where an attacker could perform a session fixation attack
2019-12-26 18:22:26
Insufficiently Protected Credentials in Apache Tomcat
2019-12-26 18:22:36
Improper Locking in Apache Tomcat
2019-06-26 01:09:40
atlassian
atlassian
cisa
cisa
Apache Releases Security Advisory for Apache Tomcat
2019-06-20 00:00:00
redhatcve
redhatcve
cgr
cgr
CVE-2019-17563 vulnerabilities
2024-05-19 03:07:16
CVE-2019-12418 vulnerabilities
2024-05-19 03:07:16
prion
prion
Session fixation
2019-12-23 17:15:00
Design/Logic Flaw
2019-12-23 18:15:00
Code injection
2019-06-21 18:15:00
veracode
veracode
Session Fixation
2019-12-19 08:29:44
Privilege Escalation
2019-12-23 08:45:46
Denial Of Service (DoS)
2019-06-21 05:42:50
ubuntucve
ubuntucve
debiancve
debiancve
f5
f5
K24551552 : Apache Tomcat vulnerability CVE-2019-17563
2020-01-23 00:00:00
K10107360 : Apache Tomcat vulnerability CVE-2019-12418
2020-01-07 00:00:00
K17321505 : Apache Tomcat vulnerability CVE-2019-10072
2019-06-27 00:00:00
nvd
nvd
hackerone
hackerone
centos
centos
tomcat security update
2020-10-20 19:04:26
oraclelinux
oraclelinux
tomcat security and bug fix update
2020-10-06 00:00:00
threatpost
threatpost
Oracle Ties Previous All-Time Patch High with January Updates
2020-01-14 23:43:10
rosalinux
rosalinux
Advisory ROSA-SA-2021-1988
2021-07-02 18:17:52
5.1 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
HIGH
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:H/Au:N/C:P/I:P/A:P
7.5 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
0.17 Low
EPSS
Percentile
96.1%
Related for OPENSUSE-2020-38.NASL