OVAL Reference oval:com.ubuntu.xenial:def:20155345000

Oval Definition:

oval:com.ubuntu.xenial:def:20155345000

Revision Date:	2016-02-24	Version:	1
Title:	CVE-2015-5345 on Ubuntu 16.04 LTS (xenial) - low.
Description:	The Mapper component in Apache Tomcat 6.x before 6.0.45, 7.x before 7.0.68, 8.x before 8.0.30, and 9.x before 9.0.0.M2 processes redirects before considering security constraints and Filters, which allows remote attackers to determine the existence of a directory via a URL that lacks a trailing / (slash) character.
Family:	unix	Class:	vulnerability
Status:		Reference(s):	CVE-2015-5345
Platform(s):	Ubuntu 16.04 LTS	Product(s):
Definition Synopsis
Ubuntu 16.04 LTS (xenial) is installed. AND Package Information The 'tomcat6' package in xenial was vulnerable but has been fixed (note: '6.0.45+dfsg-1'). OR NOT While related to the CVE in some way, the 'tomcat7' package in xenial is not affected (note: '7.0.68-1'). OR NOT While related to the CVE in some way, the 'tomcat8' package in xenial is not affected (note: '8.0.32-1ubuntu1').