Lucene search
This script is Copyright (C) 2014-2024 and is owned by Tenable, Inc. or an Affiliate thereof.REDHAT-RHSA-2014-1088.NASLHistoryAug 23, 2014 - 12:00 a.m.
RHEL 5 : Red Hat JBoss Web Server 2.1.0 update (Important) (RHSA-2014:1088)
2014-08-2300:00:00
This script is Copyright (C) 2014-2024 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
27
6.8 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
8.2 High
AI Score
Confidence
Low
0.957 High
EPSS
Percentile
99.4%
The remote Redhat Enterprise Linux 5 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2014:1088 advisory.
-
tomcat: information disclosure via XXE when running untrusted web applications (CVE-2013-4590)
-
httpd: mod_deflate denial of service (CVE-2014-0118)
-
Tomcat/JBossWeb: XML parser hijack by malicious web application (CVE-2014-0119)
-
httpd: mod_status heap-based buffer overflow (CVE-2014-0226)
-
Tomcat/JBossWeb: request smuggling and limited DoS in ChunkedInputFilter (CVE-2014-0227)
-
httpd: mod_cgid denial of service (CVE-2014-0231)
Note that Nessus has not tested for these issues but has instead relied only on the application’s self-reported version number.
#%NASL_MIN_LEVEL 70300
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from Red Hat Security Advisory RHSA-2014:1088. The text
# itself is copyright (C) Red Hat, Inc.
#
include('deprecated_nasl_level.inc');
include('compat.inc');
if (description)
{
script_id(77357);
script_version("1.23");
script_set_attribute(attribute:"plugin_modification_date", value:"2024/04/24");
script_cve_id(
"CVE-2013-4590",
"CVE-2014-0118",
"CVE-2014-0119",
"CVE-2014-0226",
"CVE-2014-0227",
"CVE-2014-0231"
);
script_xref(name:"RHSA", value:"2014:1088");
script_name(english:"RHEL 5 : Red Hat JBoss Web Server 2.1.0 update (Important) (RHSA-2014:1088)");
script_set_attribute(attribute:"synopsis", value:
"The remote Red Hat host is missing one or more security updates.");
script_set_attribute(attribute:"description", value:
"The remote Redhat Enterprise Linux 5 host has packages installed that are affected by multiple vulnerabilities as
referenced in the RHSA-2014:1088 advisory.
- tomcat: information disclosure via XXE when running untrusted web applications (CVE-2013-4590)
- httpd: mod_deflate denial of service (CVE-2014-0118)
- Tomcat/JBossWeb: XML parser hijack by malicious web application (CVE-2014-0119)
- httpd: mod_status heap-based buffer overflow (CVE-2014-0226)
- Tomcat/JBossWeb: request smuggling and limited DoS in ChunkedInputFilter (CVE-2014-0227)
- httpd: mod_cgid denial of service (CVE-2014-0231)
Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version
number.");
# https://access.redhat.com/documentation/en-US/JBoss_Enterprise_Web_Server/2.1/html/2.1.0_Release_Notes/index.html
script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?5ecc67b2");
# https://access.redhat.com/security/data/csaf/v2/advisories/2014/rhsa-2014_1088.json
script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?bca3a854");
script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/errata/RHSA-2014:1088");
script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/security/updates/classification/#important");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1069911");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1102038");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1120596");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1120601");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1120603");
script_set_attribute(attribute:"solution", value:
"Update the affected packages.");
script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P");
script_set_cvss_temporal_vector("CVSS2#E:POC/RL:OF/RC:C");
script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L");
script_set_cvss3_temporal_vector("CVSS:3.0/E:P/RL:O/RC:C");
script_set_attribute(attribute:"cvss_score_source", value:"CVE-2014-0226");
script_set_attribute(attribute:"cvss3_score_source", value:"CVE-2014-0227");
script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
script_set_attribute(attribute:"exploit_available", value:"true");
script_cwe_id(122, 400, 470, 611);
script_set_attribute(attribute:"vendor_severity", value:"Important");
script_set_attribute(attribute:"patch_publication_date", value:"2014/08/21");
script_set_attribute(attribute:"plugin_publication_date", value:"2014/08/23");
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:antlr-eap6");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:apache-commons-collections-eap6");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:apache-commons-collections-tomcat-eap6");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:apache-commons-daemon-eap6");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:apache-commons-daemon-jsvc-eap6");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:apache-commons-pool-eap6");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:apache-commons-pool-tomcat-eap6");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:dom4j-eap6");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:ecj3");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:hibernate4-c3p0-eap6");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:hibernate4-core-eap6");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:hibernate4-eap6");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:hibernate4-entitymanager-eap6");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:hibernate4-envers-eap6");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:hibernate4-infinispan-eap6");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:httpd");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:httpd-devel");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:httpd-manual");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:httpd-tools");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:javassist-eap6");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:jboss-logging");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:jboss-transaction-api_1.1_spec");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:mod_cluster");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:mod_cluster-native");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:mod_cluster-tomcat6");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:mod_cluster-tomcat7");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:mod_jk");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:mod_jk-ap22");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:mod_jk-manual");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:mod_rt");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:mod_snmp");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:mod_ssl");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:storeconfig-tc6");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:storeconfig-tc7");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:tomcat-native");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:tomcat6");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:tomcat6-admin-webapps");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:tomcat6-docs-webapp");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:tomcat6-el-2.1-api");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:tomcat6-javadoc");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:tomcat6-jsp-2.1-api");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:tomcat6-lib");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:tomcat6-log4j");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:tomcat6-servlet-2.5-api");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:tomcat6-webapps");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:tomcat7");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:tomcat7-admin-webapps");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:tomcat7-docs-webapp");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:tomcat7-el-2.2-api");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:tomcat7-javadoc");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:tomcat7-jsp-2.2-api");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:tomcat7-lib");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:tomcat7-log4j");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:tomcat7-servlet-3.0-api");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:tomcat7-webapps");
script_set_attribute(attribute:"cpe", value:"cpe:/o:redhat:enterprise_linux:5");
script_set_attribute(attribute:"generated_plugin", value:"current");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_family(english:"Red Hat Local Security Checks");
script_copyright(english:"This script is Copyright (C) 2014-2024 and is owned by Tenable, Inc. or an Affiliate thereof.");
script_dependencies("redhat_repos.nasl", "ssh_get_info.nasl");
script_require_keys("Host/local_checks_enabled", "Host/RedHat/release", "Host/RedHat/rpm-list", "Host/cpu");
exit(0);
}
include('rpm.inc');
include('rhel.inc');
if (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
var os_release = get_kb_item('Host/RedHat/release');
if (isnull(os_release) || 'Red Hat' >!< os_release) audit(AUDIT_OS_NOT, 'Red Hat');
var os_ver = pregmatch(pattern: "Red Hat Enterprise Linux.*release ([0-9]+(\.[0-9]+)?)", string:os_release);
if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Red Hat');
os_ver = os_ver[1];
if (!rhel_check_release(operator: 'ge', os_version: os_ver, rhel_version: '5')) audit(AUDIT_OS_NOT, 'Red Hat 5.x', 'Red Hat ' + os_ver);
if (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);
var cpu = get_kb_item('Host/cpu');
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ('x86_64' >!< cpu && cpu !~ "^i[3-6]86$" && 's390' >!< cpu && 'aarch64' >!< cpu && 'ppc' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Red Hat', cpu);
var constraints = [
{
'repo_relative_urls': [
'content/dist/rhel/server/5/5Server/i386/jbews/2/os',
'content/dist/rhel/server/5/5Server/i386/jbews/2/source/SRPMS',
'content/dist/rhel/server/5/5Server/x86_64/jbews/2/os',
'content/dist/rhel/server/5/5Server/x86_64/jbews/2/source/SRPMS'
],
'pkgs': [
{'reference':'antlr-eap6-2.7.7-17.redhat_4.1.ep6.el5', 'release':'5', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'tomcat'},
{'reference':'apache-commons-collections-eap6-3.2.1-15.redhat_3.1.ep6.el5', 'release':'5', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'tomcat'},
{'reference':'apache-commons-collections-tomcat-eap6-3.2.1-15.redhat_3.1.ep6.el5', 'release':'5', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'tomcat'},
{'reference':'apache-commons-daemon-eap6-1.0.15-5.redhat_1.ep6.el5', 'release':'5', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1', 'exists_check':'tomcat'},
{'reference':'apache-commons-daemon-jsvc-eap6-1.0.15-6.redhat_2.ep6.el5', 'cpu':'i386', 'release':'5', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1', 'exists_check':'tomcat'},
{'reference':'apache-commons-daemon-jsvc-eap6-1.0.15-6.redhat_2.ep6.el5', 'cpu':'x86_64', 'release':'5', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1', 'exists_check':'tomcat'},
{'reference':'apache-commons-pool-eap6-1.6-7.redhat_6.1.ep6.el5', 'release':'5', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'tomcat'},
{'reference':'apache-commons-pool-tomcat-eap6-1.6-7.redhat_6.1.ep6.el5', 'release':'5', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'tomcat'},
{'reference':'dom4j-eap6-1.6.1-20.redhat_6.1.ep6.el5', 'release':'5', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'tomcat'},
{'reference':'ecj3-3.7.2-9.redhat_3.1.ep6.el5', 'release':'5', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1', 'exists_check':'tomcat'},
{'reference':'hibernate4-c3p0-eap6-4.2.14-3.SP1_redhat_1.1.ep6.el5', 'release':'5', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'tomcat'},
{'reference':'hibernate4-core-eap6-4.2.14-3.SP1_redhat_1.1.ep6.el5', 'release':'5', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'tomcat'},
{'reference':'hibernate4-eap6-4.2.14-3.SP1_redhat_1.1.ep6.el5', 'release':'5', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'tomcat'},
{'reference':'hibernate4-entitymanager-eap6-4.2.14-3.SP1_redhat_1.1.ep6.el5', 'release':'5', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'tomcat'},
{'reference':'hibernate4-envers-eap6-4.2.14-3.SP1_redhat_1.1.ep6.el5', 'release':'5', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'tomcat'},
{'reference':'hibernate4-infinispan-eap6-4.2.14-3.SP1_redhat_1.1.ep6.el5', 'release':'5', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'tomcat'},
{'reference':'httpd-2.2.26-35.ep6.el5', 'cpu':'i386', 'release':'5', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'tomcat'},
{'reference':'httpd-2.2.26-35.ep6.el5', 'cpu':'x86_64', 'release':'5', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'tomcat'},
{'reference':'httpd-devel-2.2.26-35.ep6.el5', 'cpu':'i386', 'release':'5', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'tomcat'},
{'reference':'httpd-devel-2.2.26-35.ep6.el5', 'cpu':'x86_64', 'release':'5', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'tomcat'},
{'reference':'httpd-manual-2.2.26-35.ep6.el5', 'cpu':'i386', 'release':'5', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'tomcat'},
{'reference':'httpd-manual-2.2.26-35.ep6.el5', 'cpu':'x86_64', 'release':'5', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'tomcat'},
{'reference':'httpd-tools-2.2.26-35.ep6.el5', 'cpu':'i386', 'release':'5', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'tomcat'},
{'reference':'httpd-tools-2.2.26-35.ep6.el5', 'cpu':'x86_64', 'release':'5', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'tomcat'},
{'reference':'javassist-eap6-3.18.1-1.GA_redhat_1.1.ep6.el5', 'release':'5', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'tomcat'},
{'reference':'jboss-logging-3.1.4-1.GA_redhat_1.1.ep6.el5', 'release':'5', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'tomcat'},
{'reference':'jboss-transaction-api_1.1_spec-1.0.1-12.Final_redhat_2.2.ep6.el5', 'release':'5', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'tomcat'},
{'reference':'mod_cluster-1.2.9-1.Final_redhat_1.1.ep6.el5', 'release':'5', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'tomcat'},
{'reference':'mod_cluster-native-1.2.9-3.Final_redhat_2.ep6.el5', 'cpu':'i386', 'release':'5', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'tomcat'},
{'reference':'mod_cluster-native-1.2.9-3.Final_redhat_2.ep6.el5', 'cpu':'x86_64', 'release':'5', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'tomcat'},
{'reference':'mod_cluster-tomcat6-1.2.9-1.Final_redhat_1.1.ep6.el5', 'release':'5', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'tomcat'},
{'reference':'mod_cluster-tomcat7-1.2.9-1.Final_redhat_1.1.ep6.el5', 'release':'5', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'tomcat'},
{'reference':'mod_jk-ap22-1.2.40-2.redhat_1.ep6.el5', 'cpu':'i386', 'release':'5', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'tomcat'},
{'reference':'mod_jk-ap22-1.2.40-2.redhat_1.ep6.el5', 'cpu':'x86_64', 'release':'5', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'tomcat'},
{'reference':'mod_jk-manual-1.2.40-2.redhat_1.ep6.el5', 'cpu':'i386', 'release':'5', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'tomcat'},
{'reference':'mod_jk-manual-1.2.40-2.redhat_1.ep6.el5', 'cpu':'x86_64', 'release':'5', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'tomcat'},
{'reference':'mod_rt-2.4.1-6.GA.ep6.el5', 'cpu':'i386', 'release':'5', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'tomcat'},
{'reference':'mod_rt-2.4.1-6.GA.ep6.el5', 'cpu':'x86_64', 'release':'5', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'tomcat'},
{'reference':'mod_snmp-2.4.1-13.GA.ep6.el5', 'cpu':'i386', 'release':'5', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'tomcat'},
{'reference':'mod_snmp-2.4.1-13.GA.ep6.el5', 'cpu':'x86_64', 'release':'5', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'tomcat'},
{'reference':'mod_ssl-2.2.26-35.ep6.el5', 'cpu':'i386', 'release':'5', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1', 'exists_check':'tomcat'},
{'reference':'mod_ssl-2.2.26-35.ep6.el5', 'cpu':'x86_64', 'release':'5', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1', 'exists_check':'tomcat'},
{'reference':'storeconfig-tc6-0.0.1-7.Alpha3_redhat_12.3.ep6.el5', 'release':'5', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'tomcat'},
{'reference':'storeconfig-tc7-0.0.1-7.Alpha3_redhat_12.5.ep6.el5', 'release':'5', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'tomcat'},
{'reference':'tomcat-native-1.1.30-2.redhat_1.ep6.el5', 'cpu':'i386', 'release':'5', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'tomcat'},
{'reference':'tomcat-native-1.1.30-2.redhat_1.ep6.el5', 'cpu':'x86_64', 'release':'5', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'tomcat'},
{'reference':'tomcat6-6.0.41-6_patch_02.ep6.el5', 'release':'5', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'tomcat'},
{'reference':'tomcat6-admin-webapps-6.0.41-6_patch_02.ep6.el5', 'release':'5', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'tomcat'},
{'reference':'tomcat6-docs-webapp-6.0.41-6_patch_02.ep6.el5', 'release':'5', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'tomcat'},
{'reference':'tomcat6-el-2.1-api-6.0.41-6_patch_02.ep6.el5', 'release':'5', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'tomcat'},
{'reference':'tomcat6-javadoc-6.0.41-6_patch_02.ep6.el5', 'release':'5', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'tomcat'},
{'reference':'tomcat6-jsp-2.1-api-6.0.41-6_patch_02.ep6.el5', 'release':'5', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'tomcat'},
{'reference':'tomcat6-lib-6.0.41-6_patch_02.ep6.el5', 'release':'5', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'tomcat'},
{'reference':'tomcat6-log4j-6.0.41-6_patch_02.ep6.el5', 'release':'5', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'tomcat'},
{'reference':'tomcat6-servlet-2.5-api-6.0.41-6_patch_02.ep6.el5', 'release':'5', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'tomcat'},
{'reference':'tomcat6-webapps-6.0.41-6_patch_02.ep6.el5', 'release':'5', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'tomcat'},
{'reference':'tomcat7-7.0.54-6_patch_02.ep6.el5', 'release':'5', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'tomcat'},
{'reference':'tomcat7-admin-webapps-7.0.54-6_patch_02.ep6.el5', 'release':'5', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'tomcat'},
{'reference':'tomcat7-docs-webapp-7.0.54-6_patch_02.ep6.el5', 'release':'5', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'tomcat'},
{'reference':'tomcat7-el-2.2-api-7.0.54-6_patch_02.ep6.el5', 'release':'5', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'tomcat'},
{'reference':'tomcat7-javadoc-7.0.54-6_patch_02.ep6.el5', 'release':'5', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'tomcat'},
{'reference':'tomcat7-jsp-2.2-api-7.0.54-6_patch_02.ep6.el5', 'release':'5', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'tomcat'},
{'reference':'tomcat7-lib-7.0.54-6_patch_02.ep6.el5', 'release':'5', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'tomcat'},
{'reference':'tomcat7-log4j-7.0.54-6_patch_02.ep6.el5', 'release':'5', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'tomcat'},
{'reference':'tomcat7-servlet-3.0-api-7.0.54-6_patch_02.ep6.el5', 'release':'5', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'tomcat'},
{'reference':'tomcat7-webapps-7.0.54-6_patch_02.ep6.el5', 'release':'5', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'tomcat'}
]
}
];
var applicable_repo_urls = rhel_determine_applicable_repository_urls(constraints:constraints);
if(applicable_repo_urls == RHEL_REPOS_NO_OVERLAP_MESSAGE) exit(0, RHEL_REPO_NOT_ENABLED);
var flag = 0;
foreach var constraint_array ( constraints ) {
var repo_relative_urls = NULL;
if (!empty_or_null(constraint_array['repo_relative_urls'])) repo_relative_urls = constraint_array['repo_relative_urls'];
foreach var pkg ( constraint_array['pkgs'] ) {
var reference = NULL;
var _release = NULL;
var sp = NULL;
var _cpu = NULL;
var el_string = NULL;
var rpm_spec_vers_cmp = NULL;
var epoch = NULL;
var allowmaj = NULL;
var exists_check = NULL;
var cves = NULL;
if (!empty_or_null(pkg['reference'])) reference = pkg['reference'];
if (!empty_or_null(pkg['release'])) _release = 'RHEL' + pkg['release'];
if (!empty_or_null(pkg['sp'])) sp = pkg['sp'];
if (!empty_or_null(pkg['cpu'])) _cpu = pkg['cpu'];
if (!empty_or_null(pkg['el_string'])) el_string = pkg['el_string'];
if (!empty_or_null(pkg['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = pkg['rpm_spec_vers_cmp'];
if (!empty_or_null(pkg['epoch'])) epoch = pkg['epoch'];
if (!empty_or_null(pkg['allowmaj'])) allowmaj = pkg['allowmaj'];
if (!empty_or_null(pkg['exists_check'])) exists_check = pkg['exists_check'];
if (!empty_or_null(pkg['cves'])) cves = pkg['cves'];
if (reference &&
_release &&
rhel_decide_repo_relative_url_check(required_repo_url_list:repo_relative_urls) &&
(applicable_repo_urls || (!exists_check || rpm_exists(release:_release, rpm:exists_check))) &&
rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj, cves:cves)) flag++;
}
}
if (flag)
{
var extra = NULL;
if (isnull(applicable_repo_urls) || !applicable_repo_urls) extra = rpm_report_get() + redhat_report_repo_caveat();
else extra = rpm_report_get();
security_report_v4(
port : 0,
severity : SECURITY_WARNING,
extra : extra
);
exit(0);
}
else
{
var tested = pkg_tests_get();
if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'antlr-eap6 / apache-commons-collections-eap6 / etc');
}
| Vendor | Product | Version | CPE |
|---|---|---|---|
| redhat | enterprise_linux | tomcat7-jsp-2.2-api | p-cpe:/a:redhat:enterprise_linux:tomcat7-jsp-2.2-api |
| redhat | enterprise_linux | tomcat7-lib | p-cpe:/a:redhat:enterprise_linux:tomcat7-lib |
| redhat | enterprise_linux | tomcat7-log4j | p-cpe:/a:redhat:enterprise_linux:tomcat7-log4j |
| redhat | enterprise_linux | tomcat7-servlet-3.0-api | p-cpe:/a:redhat:enterprise_linux:tomcat7-servlet-3.0-api |
| redhat | enterprise_linux | tomcat7-webapps | p-cpe:/a:redhat:enterprise_linux:tomcat7-webapps |
| redhat | enterprise_linux | 5 | cpe:/o:redhat:enterprise_linux:5 |
| redhat | enterprise_linux | antlr-eap6 | p-cpe:/a:redhat:enterprise_linux:antlr-eap6 |
| redhat | enterprise_linux | apache-commons-collections-eap6 | p-cpe:/a:redhat:enterprise_linux:apache-commons-collections-eap6 |
| redhat | enterprise_linux | apache-commons-collections-tomcat-eap6 | p-cpe:/a:redhat:enterprise_linux:apache-commons-collections-tomcat-eap6 |
| redhat | enterprise_linux | apache-commons-daemon-eap6 | p-cpe:/a:redhat:enterprise_linux:apache-commons-daemon-eap6 |
References
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4590
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0118
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0119
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0226
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0227
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0231
www.nessus.org/u?5ecc67b2
www.nessus.org/u?bca3a854
access.redhat.com/errata/RHSA-2014:1088
access.redhat.com/security/updates/classification/#important
bugzilla.redhat.com/show_bug.cgi?id=1069911
bugzilla.redhat.com/show_bug.cgi?id=1102038
bugzilla.redhat.com/show_bug.cgi?id=1120596
bugzilla.redhat.com/show_bug.cgi?id=1120601
bugzilla.redhat.com/show_bug.cgi?id=1120603
Related
redhat
redhat
(RHSA-2014:1087) Important: Red Hat JBoss Web Server 2.1.0 update
2014-08-21 15:24:12
(RHSA-2014:1088) Important: Red Hat JBoss Web Server 2.1.0 update
2014-08-21 00:00:00
(RHSA-2014:0920) Important: httpd security update
2014-07-23 00:00:00
nessus
nessus
RHEL 6 : JBoss Web Server (RHSA-2014:1087)
2014-08-23 00:00:00
Oracle Linux 5 / 6 : httpd (ELSA-2014-0920)
2014-07-24 00:00:00
Amazon Linux AMI : httpd (ALAS-2014-388)
2014-10-12 00:00:00
oraclelinux
oraclelinux
tomcat6 security update
2014-08-11 00:00:00
httpd security update
2014-07-23 00:00:00
httpd security update
2014-07-23 00:00:00
openvas
openvas
CentOS Update for httpd CESA-2014:0920 centos6
2014-07-28 00:00:00
CentOS Update for httpd CESA-2014:0920 centos5
2014-07-28 00:00:00
Oracle: Security Advisory (ELSA-2014-1038)
2015-10-06 00:00:00
amazon
amazon
Important: httpd
2014-07-31 13:54:00
Important: httpd24
2014-07-31 13:56:00
debian
debian
[SECURITY] [DSA 2989-1] apache2 security update
2014-07-24 22:19:45
[SECURITY] [DSA 2989-1] apache2 security update
2014-07-24 22:19:45
[SECURITY] [DLA 66-1] apache2 security update
2014-09-29 13:40:41
centos
centos
httpd, mod_ssl security update
2014-07-23 15:12:33
tomcat6 security update
2014-08-11 18:04:13
httpd, mod_ldap, mod_proxy_html, mod_session, mod_ssl security update
2014-07-23 15:36:55
ibm
ibm
osv
osv
apache2 - security update
2014-07-24 00:00:00
apache2 - security update
2014-09-29 00:00:00
Exposure of Sensitive Information to an Unauthorized Actor in Apache Tomcat
2022-05-14 01:10:35
veracode
veracode
Denial Of Service (DoS)
2019-05-02 05:03:42
Denial Of Service (DoS)
2019-05-02 05:03:41
Denial Of Service (DoS)
2019-05-02 05:03:43
mageia
mageia
Updated apache package fixes security vulnerabilities
2014-07-30 01:30:55
Updated apache package fixes security vulnerabilities
2014-07-30 01:30:55
Updated tomcat packages fix CVE-2014-0227
2015-02-19 19:37:50
gentoo
gentoo
Apache: Multiple vulnerabilities
2015-04-11 00:00:00
slackware
slackware
[slackware-security] httpd
2014-07-24 01:35:41
ubuntu
ubuntu
Apache HTTP Server vulnerabilities
2014-07-23 00:00:00
Tomcat vulnerabilities
2015-06-25 00:00:00
fedora
fedora
[SECURITY] Fedora 20 Update: httpd-2.4.10-1.fc20
2014-07-25 10:03:52
[SECURITY] Fedora 19 Update: httpd-2.4.10-1.fc19
2014-08-15 02:47:11
freebsd
freebsd
apache22 -- several vulnerabilities
2014-07-19 00:00:00
apache24 -- several vulnerabilities
2014-07-15 00:00:00
securityvulns
securityvulns
[USN-2299-1] Apache HTTP Server vulnerabilities
2014-07-28 00:00:00
Apache multiple security vulnerabilities
2014-07-28 00:00:00
hackerone
hackerone
Boozt Fashion AB: Instance of Apache Vulnerable to Several Issues
2016-09-08 15:44:15
Internet Bug Bounty: moderate: mod_deflate denial of service
2014-02-19 00:00:00
f5
f5
SOL15893 - Apache HTTP server vulnerabilities CVE-2014-0117, CVE-2014-0118, CVE-2014-0226, CVE-2014-0231, and CVE-2014-3523
2014-12-04 00:00:00
K15429 : Apache Tomcat vulnerability CVE-2014-0119
2014-10-14 00:00:00
SOL15429 - Apache Tomcat vulnerability CVE-2014-0119
2014-07-17 00:00:00
suse
suse
Security update for the Apache Web Server (important)
2014-08-07 01:04:17
Security update for apache2 (important)
2014-09-02 19:04:20
Security update for apache2 (important)
2014-09-02 20:04:23
atlassian
atlassian
CVE-2013-4590 vulnerability with Tomcat 7.0.42 shipped with Crowd 2.7.2
2014-05-24 04:42:42
CVE-2013-4590 vulnerability with Tomcat 7.0.42 shipped with Crowd 2.7.2
2014-05-24 04:42:42
seebug
seebug
Apache TomcatXML外部实体信息泄漏漏洞
2014-02-27 00:00:00
nvd
nvd
CVE-2013-4590
2014-02-26 14:55:08
CVE-2014-0119
2014-05-31 11:17:13
cve
cve
ubuntucve
ubuntucve
debiancve
debiancve
github
github
Exposure of Sensitive Information to an Unauthorized Actor in Apache Tomcat
2022-05-14 01:10:35
Missing XML Validation in Apache Tomcat
2022-05-14 01:10:18
cvelist
cvelist
prion
prion
httpd
httpd
Apache Httpd < 2.4.10 : mod_deflate denial of service
2014-02-19 00:00:00
Apache Httpd < 2.2.29 : mod_deflate denial of service
2014-02-19 00:00:00
Apache Httpd < 2.2.29 : mod_status buffer overflow
2014-05-30 00:00:00
tomcat
tomcat
Fixed in Apache Tomcat 7.0.54
2014-05-22 00:00:00
Fixed in Apache Tomcat 8.0.8
2014-05-21 00:00:00
Fixed in Apache Tomcat 6.0.43
2014-11-22 00:00:00
checkpoint_advisories
checkpoint_advisories
Apache HTTP Server mod_deflate Denial of Service - Ver2 (CVE-2014-0118)
2014-12-28 00:00:00
zdi
zdi
6.8 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
8.2 High
AI Score
Confidence
Low
0.957 High
EPSS
Percentile
99.4%
Related for REDHAT-RHSA-2014-1088.NASL