Oval Definition:oval:org.mitre.oval:def:20991
Revision Date:2014-02-17Version:38
Title:RHSA-2013:0869: tomcat6 security update (Important)
Description:The Tomcat 6 DIGEST authentication functionality as used in Red Hat Enterprise Linux 6 allows remote attackers to bypass intended access restrictions by performing a replay attack after a nonce becomes stale. NOTE: this issue is due to an incomplete fix for CVE-2012-5887.
Family:unixClass:patch
Status:ACCEPTEDReference(s):CESA-2013:0869
CVE-2013-1976
CVE-2013-2051
RHSA-2013:0869-01
Platform(s):CentOS Linux 6
Red Hat Enterprise Linux 6
Product(s):tomcat6
Definition Synopsis
  • Redhat 6 or Centos 6 release
  • The operating system installed on the system is Red Hat Enterprise Linux 6
  • OR The operating system installed on the system is CentOS Linux 6.x
  • AND Packages section
  • tomcat6-jsp-2.1-api is earlier than 0:6.0.24-55.el6_4
  • OR tomcat6-webapps is earlier than 0:6.0.24-55.el6_4
  • OR tomcat6-docs-webapp is earlier than 0:6.0.24-55.el6_4
  • OR tomcat6-lib is earlier than 0:6.0.24-55.el6_4
  • OR tomcat6-javadoc is earlier than 0:6.0.24-55.el6_4
  • OR tomcat6-el-2.1-api is earlier than 0:6.0.24-55.el6_4
  • OR tomcat6-servlet-2.5-api is earlier than 0:6.0.24-55.el6_4
  • OR tomcat6-admin-webapps is earlier than 0:6.0.24-55.el6_4
  • OR tomcat6 is earlier than 0:6.0.24-55.el6_4
    • BACK