Oval Definition:oval:org.mitre.oval:def:23970
Revision Date:2014-05-26Version:20
Title:ELSA-2013:0869: tomcat6 security update (Important)
Description:The Tomcat 6 DIGEST authentication functionality as used in Red Hat Enterprise Linux 6 allows remote attackers to bypass intended access restrictions by performing a replay attack after a nonce becomes stale. NOTE: this issue is due to an incomplete fix for CVE-2012-5887.
Family:unixClass:patch
Status:ACCEPTEDReference(s):CVE-2013-1976
CVE-2013-2051
ELSA-2013:0869-01
Platform(s):Oracle Linux 6
Product(s):tomcat6
Definition Synopsis
  • Oracle Linux 6.x
  • AND rpm test
  • tomcat6-jsp-2.1-api is earlier than 0:6.0.24-55.el6_4
  • OR tomcat6-webapps is earlier than 0:6.0.24-55.el6_4
  • OR tomcat6-docs-webapp is earlier than 0:6.0.24-55.el6_4
  • OR tomcat6-lib is earlier than 0:6.0.24-55.el6_4
  • OR tomcat6-javadoc is earlier than 0:6.0.24-55.el6_4
  • OR tomcat6-el-2.1-api is earlier than 0:6.0.24-55.el6_4
  • OR tomcat6-servlet-2.5-api is earlier than 0:6.0.24-55.el6_4
  • OR tomcat6-admin-webapps is earlier than 0:6.0.24-55.el6_4
  • OR tomcat6 is earlier than 0:6.0.24-55.el6_4
    • BACK