Oval Definition:oval:org.opensuse.security:def:20165388
Revision Date:2022-05-20Version:1
Title:CVE-2016-5388
Description:

Apache Tomcat 7.x through 7.0.70 and 8.x through 8.5.4, when the CGI Servlet is enabled, follows RFC 3875 section 4.1.18 and therefore does not protect applications from the presence of untrusted client data in the HTTP_PROXY environment variable, which might allow remote attackers to redirect an application's outbound HTTP traffic to an arbitrary proxy server via a crafted Proxy header in an HTTP request, aka an "httpoxy" issue. NOTE: the vendor states "A mitigation is planned for future releases of Tomcat, tracked as CVE-2016-5388"; in other words, this is not a CVE ID for a vulnerability.
Family:unixClass:vulnerability
Status:Reference(s):CVE-2016-5388
Mitre CVE-2016-5388
SUSE CVE-2016-5388
openSUSE-SU-2016:2252-1
openSUSE-SU-2016:2252-1
SUSE-SU-2016:2188-1
SUSE-SU-2016:2188-1
SUSE-SU-2016:2229-1
SUSE-SU-2016:2229-1
SUSE-SU-2017:1632-1
SUSE-SU-2017:1632-1
SUSE-SU-2017:1660-1
SUSE-SU-2017:1660-1
TID7017856
Platform(s):openSUSE Leap 42.1
SUSE Linux Enterprise for SAP 12
SUSE Linux Enterprise Point of Sale 11 SP3
SUSE Linux Enterprise Server 11 SP1-TERADATA
SUSE Linux Enterprise Server 11 SP3-LTSS
SUSE Linux Enterprise Server 11 SP3-TERADATA
SUSE Linux Enterprise Server 11 SP4
SUSE Linux Enterprise Server 12
SUSE Linux Enterprise Server 12 SP1
SUSE Linux Enterprise Server 12-LTSS
SUSE Linux Enterprise Server for SAP Applications 11 SP1-TERADATA
SUSE Linux Enterprise Server for SAP Applications 11 SP3-LTSS
SUSE Linux Enterprise Server for SAP Applications 11 SP3-TERADATA
SUSE Linux Enterprise Server for SAP Applications 11 SP4
SUSE Linux Enterprise Server for SAP Applications 12
SUSE Linux Enterprise Server for SAP Applications 12 SP1
SUSE Linux Enterprise Server for SAP Applications 12-LTSS
Product(s):
Definition Synopsis
  • SUSE Linux Enterprise Server 11 SP4 is installed
  • AND Package Information
  • tomcat6-6.0.45-0.53.2 is installed
  • OR tomcat6-admin-webapps-6.0.45-0.53.2 is installed
  • OR tomcat6-docs-webapp-6.0.45-0.53.2 is installed
  • OR tomcat6-javadoc-6.0.45-0.53.2 is installed
  • OR tomcat6-jsp-2_1-api-6.0.45-0.53.2 is installed
  • OR tomcat6-lib-6.0.45-0.53.2 is installed
  • OR tomcat6-servlet-2_5-api-6.0.45-0.53.2 is installed
  • OR tomcat6-webapps-6.0.45-0.53.2 is installed
    • Definition Synopsis
  • openSUSE Leap 42.1 is installed
  • AND Package Information
  • tomcat-8.0.32-8.1 is installed
  • AND tomcat is signed with openSUSE key
  • OR
  • tomcat-admin-webapps-8.0.32-8.1 is installed
  • AND tomcat-admin-webapps is signed with openSUSE key
  • OR
  • tomcat-docs-webapp-8.0.32-8.1 is installed
  • AND tomcat-docs-webapp is signed with openSUSE key
  • OR
  • tomcat-el-3_0-api-8.0.32-8.1 is installed
  • AND tomcat-el-3_0-api is signed with openSUSE key
  • OR
  • tomcat-embed-8.0.32-8.1 is installed
  • AND tomcat-embed is signed with openSUSE key
  • OR
  • tomcat-javadoc-8.0.32-8.1 is installed
  • AND tomcat-javadoc is signed with openSUSE key
  • OR
  • tomcat-jsp-2_3-api-8.0.32-8.1 is installed
  • AND tomcat-jsp-2_3-api is signed with openSUSE key
  • OR
  • tomcat-jsvc-8.0.32-8.1 is installed
  • AND tomcat-jsvc is signed with openSUSE key
  • OR
  • tomcat-lib-8.0.32-8.1 is installed
  • AND tomcat-lib is signed with openSUSE key
  • OR
  • tomcat-servlet-3_1-api-8.0.32-8.1 is installed
  • AND tomcat-servlet-3_1-api is signed with openSUSE key
  • OR
  • tomcat-webapps-8.0.32-8.1 is installed
  • AND tomcat-webapps is signed with openSUSE key
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP1 is installed
  • AND Package Information
  • tomcat-8.0.32-8 is installed
  • OR tomcat-admin-webapps-8.0.32-8 is installed
  • OR tomcat-docs-webapp-8.0.32-8 is installed
  • OR tomcat-el-3_0-api-8.0.32-8 is installed
  • OR tomcat-javadoc-8.0.32-8 is installed
  • OR tomcat-jsp-2_3-api-8.0.32-8 is installed
  • OR tomcat-lib-8.0.32-8 is installed
  • OR tomcat-servlet-3_1-api-8.0.32-8 is installed
  • OR tomcat-webapps-8.0.32-8 is installed
    • Definition Synopsis
  • Release Information
  • SUSE Linux Enterprise Server 12 SP1 is installed
  • AND
  • tomcat-8.0.32-8 is installed
  • OR tomcat-admin-webapps-8.0.32-8 is installed
  • OR tomcat-docs-webapp-8.0.32-8 is installed
  • OR tomcat-el-3_0-api-8.0.32-8 is installed
  • OR tomcat-javadoc-8.0.32-8 is installed
  • OR tomcat-jsp-2_3-api-8.0.32-8 is installed
  • OR tomcat-lib-8.0.32-8 is installed
  • OR tomcat-servlet-3_1-api-8.0.32-8 is installed
  • OR tomcat-webapps-8.0.32-8 is installed
  • OR Package Information
  • SUSE Linux Enterprise Server 12-LTSS is installed
  • AND
  • tomcat-7.0.78-7.13 is installed
  • OR tomcat-admin-webapps-7.0.78-7.13 is installed
  • OR tomcat-docs-webapp-7.0.78-7.13 is installed
  • OR tomcat-el-2_2-api-7.0.78-7.13 is installed
  • OR tomcat-javadoc-7.0.78-7.13 is installed
  • OR tomcat-jsp-2_2-api-7.0.78-7.13 is installed
  • OR tomcat-lib-7.0.78-7.13 is installed
  • OR tomcat-servlet-3_0-api-7.0.78-7.13 is installed
  • OR tomcat-webapps-7.0.78-7.13 is installed
    • Definition Synopsis
  • Release Information
  • SUSE Linux Enterprise Point of Sale 11 SP3 is installed
  • AND
  • tomcat6-6.0.53-0.56 is installed
  • OR tomcat6-admin-webapps-6.0.53-0.56 is installed
  • OR tomcat6-docs-webapp-6.0.53-0.56 is installed
  • OR tomcat6-javadoc-6.0.53-0.56 is installed
  • OR tomcat6-jsp-2_1-api-6.0.53-0.56 is installed
  • OR tomcat6-lib-6.0.53-0.56 is installed
  • OR tomcat6-servlet-2_5-api-6.0.53-0.56 is installed
  • OR tomcat6-webapps-6.0.53-0.56 is installed
  • OR Package Information
  • SUSE Linux Enterprise Server 11 SP3-LTSS is installed
  • AND
  • tomcat6-6.0.53-0.56 is installed
  • OR tomcat6-admin-webapps-6.0.53-0.56 is installed
  • OR tomcat6-docs-webapp-6.0.53-0.56 is installed
  • OR tomcat6-javadoc-6.0.53-0.56 is installed
  • OR tomcat6-jsp-2_1-api-6.0.53-0.56 is installed
  • OR tomcat6-lib-6.0.53-0.56 is installed
  • OR tomcat6-servlet-2_5-api-6.0.53-0.56 is installed
  • OR tomcat6-webapps-6.0.53-0.56 is installed
  • OR Package Information
  • SUSE Linux Enterprise Server 11 SP4 is installed
  • AND
  • tomcat6-6.0.53-0.56 is installed
  • OR tomcat6-admin-webapps-6.0.53-0.56 is installed
  • OR tomcat6-docs-webapp-6.0.53-0.56 is installed
  • OR tomcat6-javadoc-6.0.53-0.56 is installed
  • OR tomcat6-jsp-2_1-api-6.0.53-0.56 is installed
  • OR tomcat6-lib-6.0.53-0.56 is installed
  • OR tomcat6-servlet-2_5-api-6.0.53-0.56 is installed
  • OR tomcat6-webapps-6.0.53-0.56 is installed
    • Definition Synopsis
  • Release Information
  • SUSE Linux Enterprise Server 12 SP1 is installed
  • AND
  • tomcat-8.0.32-8 is installed
  • OR tomcat-admin-webapps-8.0.32-8 is installed
  • OR tomcat-docs-webapp-8.0.32-8 is installed
  • OR tomcat-el-3_0-api-8.0.32-8 is installed
  • OR tomcat-javadoc-8.0.32-8 is installed
  • OR tomcat-jsp-2_3-api-8.0.32-8 is installed
  • OR tomcat-lib-8.0.32-8 is installed
  • OR tomcat-servlet-3_1-api-8.0.32-8 is installed
  • OR tomcat-webapps-8.0.32-8 is installed
  • OR Package Information
  • SUSE Linux Enterprise Server 12-LTSS is installed
  • AND
  • tomcat-7.0.78-7.13 is installed
  • OR tomcat-admin-webapps-7.0.78-7.13 is installed
  • OR tomcat-docs-webapp-7.0.78-7.13 is installed
  • OR tomcat-el-2_2-api-7.0.78-7.13 is installed
  • OR tomcat-javadoc-7.0.78-7.13 is installed
  • OR tomcat-jsp-2_2-api-7.0.78-7.13 is installed
  • OR tomcat-lib-7.0.78-7.13 is installed
  • OR tomcat-servlet-3_0-api-7.0.78-7.13 is installed
  • OR tomcat-webapps-7.0.78-7.13 is installed
  • OR Package Information
  • SUSE Linux Enterprise for SAP 12 is installed
  • AND
  • tomcat-7.0.78-7.13 is installed
  • OR tomcat-admin-webapps-7.0.78-7.13 is installed
  • OR tomcat-docs-webapp-7.0.78-7.13 is installed
  • OR tomcat-el-2_2-api-7.0.78-7.13 is installed
  • OR tomcat-javadoc-7.0.78-7.13 is installed
  • OR tomcat-jsp-2_2-api-7.0.78-7.13 is installed
  • OR tomcat-lib-7.0.78-7.13 is installed
  • OR tomcat-servlet-3_0-api-7.0.78-7.13 is installed
  • OR tomcat-webapps-7.0.78-7.13 is installed
    • Definition Synopsis
  • Release Information
  • SUSE Linux Enterprise Server 11 SP3-LTSS is installed
  • AND
  • tomcat6-6.0.53-0.56 is installed
  • OR tomcat6-admin-webapps-6.0.53-0.56 is installed
  • OR tomcat6-docs-webapp-6.0.53-0.56 is installed
  • OR tomcat6-javadoc-6.0.53-0.56 is installed
  • OR tomcat6-jsp-2_1-api-6.0.53-0.56 is installed
  • OR tomcat6-lib-6.0.53-0.56 is installed
  • OR tomcat6-servlet-2_5-api-6.0.53-0.56 is installed
  • OR tomcat6-webapps-6.0.53-0.56 is installed
  • OR Package Information
  • SUSE Linux Enterprise Server 11 SP4 is installed
  • AND
  • tomcat6-6.0.53-0.56 is installed
  • OR tomcat6-admin-webapps-6.0.53-0.56 is installed
  • OR tomcat6-docs-webapp-6.0.53-0.56 is installed
  • OR tomcat6-javadoc-6.0.53-0.56 is installed
  • OR tomcat6-jsp-2_1-api-6.0.53-0.56 is installed
  • OR tomcat6-lib-6.0.53-0.56 is installed
  • OR tomcat6-servlet-2_5-api-6.0.53-0.56 is installed
  • OR tomcat6-webapps-6.0.53-0.56 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 11 SP3-LTSS is installed
  • AND Package Information
  • tomcat6-6.0.53-0.56 is installed
  • OR tomcat6-admin-webapps-6.0.53-0.56 is installed
  • OR tomcat6-docs-webapp-6.0.53-0.56 is installed
  • OR tomcat6-javadoc-6.0.53-0.56 is installed
  • OR tomcat6-jsp-2_1-api-6.0.53-0.56 is installed
  • OR tomcat6-lib-6.0.53-0.56 is installed
  • OR tomcat6-servlet-2_5-api-6.0.53-0.56 is installed
  • OR tomcat6-webapps-6.0.53-0.56 is installed
    • Definition Synopsis
  • Release Information
  • SUSE Linux Enterprise Server 12-LTSS is installed
  • OR SUSE Linux Enterprise Server for SAP Applications 12 is installed
  • OR SUSE Linux Enterprise Server for SAP Applications 12-LTSS is installed
  • AND
  • tomcat-7.0.78-7.13 is installed
  • OR tomcat-admin-webapps-7.0.78-7.13 is installed
  • OR tomcat-docs-webapp-7.0.78-7.13 is installed
  • OR tomcat-el-2_2-api-7.0.78-7.13 is installed
  • OR tomcat-javadoc-7.0.78-7.13 is installed
  • OR tomcat-jsp-2_2-api-7.0.78-7.13 is installed
  • OR tomcat-lib-7.0.78-7.13 is installed
  • OR tomcat-servlet-3_0-api-7.0.78-7.13 is installed
  • OR tomcat-webapps-7.0.78-7.13 is installed
  • OR Package Information
  • SUSE Linux Enterprise Server 12 SP1 is installed
  • OR SUSE Linux Enterprise Server for SAP Applications 12 SP1 is installed
  • AND
  • tomcat-8.0.32-8 is installed
  • OR tomcat-admin-webapps-8.0.32-8 is installed
  • OR tomcat-docs-webapp-8.0.32-8 is installed
  • OR tomcat-el-3_0-api-8.0.32-8 is installed
  • OR tomcat-javadoc-8.0.32-8 is installed
  • OR tomcat-jsp-2_3-api-8.0.32-8 is installed
  • OR tomcat-lib-8.0.32-8 is installed
  • OR tomcat-servlet-3_1-api-8.0.32-8 is installed
  • OR tomcat-webapps-8.0.32-8 is installed
    • Definition Synopsis
  • Release Information
  • SUSE Linux Enterprise Point of Sale 11 SP3 is installed
  • OR SUSE Linux Enterprise Server 11 SP3-LTSS is installed
  • OR SUSE Linux Enterprise Server 11 SP4 is installed
  • OR SUSE Linux Enterprise Server for SAP Applications 11 SP3-LTSS is installed
  • OR SUSE Linux Enterprise Server for SAP Applications 11 SP4 is installed
  • AND Package Information
  • tomcat6-6.0.53-0.56 is installed
  • OR tomcat6-admin-webapps-6.0.53-0.56 is installed
  • OR tomcat6-docs-webapp-6.0.53-0.56 is installed
  • OR tomcat6-javadoc-6.0.53-0.56 is installed
  • OR tomcat6-jsp-2_1-api-6.0.53-0.56 is installed
  • OR tomcat6-lib-6.0.53-0.56 is installed
  • OR tomcat6-servlet-2_5-api-6.0.53-0.56 is installed
  • OR tomcat6-webapps-6.0.53-0.56 is installed
    • Definition Synopsis
  • Release Information
  • SUSE Linux Enterprise Server 11 SP3-LTSS is installed
  • OR SUSE Linux Enterprise Server 11 SP4 is installed
  • OR SUSE Linux Enterprise Server for SAP Applications 11 SP3-LTSS is installed
  • OR SUSE Linux Enterprise Server for SAP Applications 11 SP4 is installed
  • AND Package Information
  • tomcat6-6.0.53-0.56 is installed
  • OR tomcat6-admin-webapps-6.0.53-0.56 is installed
  • OR tomcat6-docs-webapp-6.0.53-0.56 is installed
  • OR tomcat6-javadoc-6.0.53-0.56 is installed
  • OR tomcat6-jsp-2_1-api-6.0.53-0.56 is installed
  • OR tomcat6-lib-6.0.53-0.56 is installed
  • OR tomcat6-servlet-2_5-api-6.0.53-0.56 is installed
  • OR tomcat6-webapps-6.0.53-0.56 is installed
    • Definition Synopsis
  • Release Information
  • SUSE Linux Enterprise Point of Sale 11 SP3 is installed
  • OR SUSE Linux Enterprise Server 11 SP1-TERADATA is installed
  • OR SUSE Linux Enterprise Server 11 SP3-LTSS is installed
  • OR SUSE Linux Enterprise Server 11 SP3-TERADATA is installed
  • OR SUSE Linux Enterprise Server 11 SP4 is installed
  • OR SUSE Linux Enterprise Server for SAP Applications 11 SP1-TERADATA is installed
  • OR SUSE Linux Enterprise Server for SAP Applications 11 SP3-LTSS is installed
  • OR SUSE Linux Enterprise Server for SAP Applications 11 SP3-TERADATA is installed
  • OR SUSE Linux Enterprise Server for SAP Applications 11 SP4 is installed
  • AND Package Information
  • tomcat6-6.0.53-0.56 is installed
  • OR tomcat6-admin-webapps-6.0.53-0.56 is installed
  • OR tomcat6-docs-webapp-6.0.53-0.56 is installed
  • OR tomcat6-javadoc-6.0.53-0.56 is installed
  • OR tomcat6-jsp-2_1-api-6.0.53-0.56 is installed
  • OR tomcat6-lib-6.0.53-0.56 is installed
  • OR tomcat6-servlet-2_5-api-6.0.53-0.56 is installed
  • OR tomcat6-webapps-6.0.53-0.56 is installed
    • Definition Synopsis
  • Release Information
  • SUSE Linux Enterprise Server 11 SP1-TERADATA is installed
  • OR SUSE Linux Enterprise Server 11 SP3-LTSS is installed
  • OR SUSE Linux Enterprise Server 11 SP3-TERADATA is installed
  • OR SUSE Linux Enterprise Server 11 SP4 is installed
  • OR SUSE Linux Enterprise Server for SAP Applications 11 SP1-TERADATA is installed
  • OR SUSE Linux Enterprise Server for SAP Applications 11 SP3-LTSS is installed
  • OR SUSE Linux Enterprise Server for SAP Applications 11 SP3-TERADATA is installed
  • OR SUSE Linux Enterprise Server for SAP Applications 11 SP4 is installed
  • AND Package Information
  • tomcat6-6.0.53-0.56 is installed
  • OR tomcat6-admin-webapps-6.0.53-0.56 is installed
  • OR tomcat6-docs-webapp-6.0.53-0.56 is installed
  • OR tomcat6-javadoc-6.0.53-0.56 is installed
  • OR tomcat6-jsp-2_1-api-6.0.53-0.56 is installed
  • OR tomcat6-lib-6.0.53-0.56 is installed
  • OR tomcat6-servlet-2_5-api-6.0.53-0.56 is installed
  • OR tomcat6-webapps-6.0.53-0.56 is installed
    • Definition Synopsis
  • Release Information
  • SUSE Linux Enterprise Server 11 SP3-LTSS is installed
  • OR SUSE Linux Enterprise Server 11 SP3-TERADATA is installed
  • AND Package Information
  • tomcat6-6.0.53-0.56 is installed
  • OR tomcat6-admin-webapps-6.0.53-0.56 is installed
  • OR tomcat6-docs-webapp-6.0.53-0.56 is installed
  • OR tomcat6-javadoc-6.0.53-0.56 is installed
  • OR tomcat6-jsp-2_1-api-6.0.53-0.56 is installed
  • OR tomcat6-lib-6.0.53-0.56 is installed
  • OR tomcat6-servlet-2_5-api-6.0.53-0.56 is installed
  • OR tomcat6-webapps-6.0.53-0.56 is installed
    • Definition Synopsis
  • Release Information
  • SUSE Linux Enterprise Point of Sale 11 SP3 is installed
  • OR SUSE Linux Enterprise Server 11 SP1-TERADATA is installed
  • OR SUSE Linux Enterprise Server 11 SP3-LTSS is installed
  • OR SUSE Linux Enterprise Server 11 SP3-TERADATA is installed
  • OR SUSE Linux Enterprise Server 11 SP4 is installed
  • OR SUSE Linux Enterprise Server for SAP Applications 11 SP4 is installed
  • AND Package Information
  • tomcat6-6.0.53-0.56.1 is installed
  • OR tomcat6-admin-webapps-6.0.53-0.56.1 is installed
  • OR tomcat6-docs-webapp-6.0.53-0.56.1 is installed
  • OR tomcat6-javadoc-6.0.53-0.56.1 is installed
  • OR tomcat6-jsp-2_1-api-6.0.53-0.56.1 is installed
  • OR tomcat6-lib-6.0.53-0.56.1 is installed
  • OR tomcat6-servlet-2_5-api-6.0.53-0.56.1 is installed
  • OR tomcat6-webapps-6.0.53-0.56.1 is installed
    • Definition Synopsis
  • Release Information
  • SUSE Linux Enterprise Server 11 SP1-TERADATA is installed
  • OR SUSE Linux Enterprise Server 11 SP3-LTSS is installed
  • OR SUSE Linux Enterprise Server 11 SP3-TERADATA is installed
  • OR SUSE Linux Enterprise Server 11 SP4 is installed
  • OR SUSE Linux Enterprise Server for SAP Applications 11 SP4 is installed
  • AND Package Information
  • tomcat6-6.0.53-0.56.1 is installed
  • OR tomcat6-admin-webapps-6.0.53-0.56.1 is installed
  • OR tomcat6-docs-webapp-6.0.53-0.56.1 is installed
  • OR tomcat6-javadoc-6.0.53-0.56.1 is installed
  • OR tomcat6-jsp-2_1-api-6.0.53-0.56.1 is installed
  • OR tomcat6-lib-6.0.53-0.56.1 is installed
  • OR tomcat6-servlet-2_5-api-6.0.53-0.56.1 is installed
  • OR tomcat6-webapps-6.0.53-0.56.1 is installed
    • Definition Synopsis
  • Release Information
  • SUSE Linux Enterprise Server 12 is installed
  • AND tomcat is affected
  • OR Package Information
  • SUSE Linux Enterprise Server 12-LTSS is installed
  • OR SUSE Linux Enterprise Server for SAP Applications 12 is installed
  • AND
  • tomcat-7.0.78-7.13.4 is installed
  • OR tomcat-admin-webapps-7.0.78-7.13.4 is installed
  • OR tomcat-docs-webapp-7.0.78-7.13.4 is installed
  • OR tomcat-el-2_2-api-7.0.78-7.13.4 is installed
  • OR tomcat-javadoc-7.0.78-7.13.4 is installed
  • OR tomcat-jsp-2_2-api-7.0.78-7.13.4 is installed
  • OR tomcat-lib-7.0.78-7.13.4 is installed
  • OR tomcat-servlet-3_0-api-7.0.78-7.13.4 is installed
  • OR tomcat-webapps-7.0.78-7.13.4 is installed
  • OR Package Information
  • SUSE Linux Enterprise Server 12 SP1 is installed
  • OR SUSE Linux Enterprise Server for SAP Applications 12 SP1 is installed
  • AND
  • tomcat-8.0.32-8.7 is installed
  • OR tomcat-admin-webapps-8.0.32-8.7 is installed
  • OR tomcat-docs-webapp-8.0.32-8.7 is installed
  • OR tomcat-el-3_0-api-8.0.32-8.7 is installed
  • OR tomcat-javadoc-8.0.32-8.7 is installed
  • OR tomcat-jsp-2_3-api-8.0.32-8.7 is installed
  • OR tomcat-lib-8.0.32-8.7 is installed
  • OR tomcat-servlet-3_1-api-8.0.32-8.7 is installed
  • OR tomcat-webapps-8.0.32-8.7 is installed
    • BACK