Oval Definition:	oval:com.ubuntu.precise:def:20125886000
Revision Date: 2012-11-17 Version: 1 Title: CVE-2012-5886 on Ubuntu 12.04 LTS (precise) - medium. Description: The HTTP Digest Access Authentication implementation in Apache Tomcat 5.5.x before 5.5.36, 6.x before 6.0.36, and 7.x before 7.0.30 caches information about the authenticated user within the session state, which makes it easier for remote attackers to bypass authentication via vectors related to the session ID. Family: unix Class: vulnerability Status: Reference(s): CVE-2012-5886 Platform(s): Ubuntu 12.04 LTS Product(s): Definition Synopsis Ubuntu 12.04 LTS (precise) is installed. AND Package Information The 'tomcat6' package in precise was vulnerable but has been fixed (note: '6.0.35-1ubuntu3.1'). OR The 'tomcat7' package in precise was vulnerable but has been fixed (note: '7.0.26-1ubuntu1.2').
BACK