Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Patches » SUSE-2013:7208

Overview

Id SUSE-2013:7208
Name Novell SUSE 2013:7208 tomcat6 security update for SLES 11 SP2 x86_64
Vendor Name novell
Product None
Content Type Critical - 01 Critical - 01
Language(s)
Operating System(s) Linux 
Released On 07 Jan 2013 12:00:00

SUSE-2013:7208

Novell SUSE 2013:7208 tomcat6 security update for SLES 11 SP2 x86_64

Vendor Name

novell

Product

None

Released On

07 Jan 2013 12:00:00

Url

http://www.novell.com/support/search.do?usemicrosite=true&searchString=8caabee36d66ff05a162522ac84c989a

Description

LSAC(v2)
This update of tomcat6 fixes the following security issues: * CVE-2012-4534: denial of service * CVE-2012-2733: tomcat: HTTP NIO connector OOM DoS via a request with large headers * CVE-2012-5885: tomcat: cnonce tracking weakness * CVE-2012-5886: tomcat: authentication caching weakness * CVE-2012-5887: tomcat: stale nonce weakness * CVE-2012-5568: tomcat: affected by slowloris DoS * CVE-2012-3546: tomcat: Bypass of security constraints * CVE-2012-4431: tomcat: bypass of CSRF prevention filter Security Issue references: * CVE-2012-5885 * CVE-2012-4431 * CVE-2012-3546 * CVE-2012-5887 * CVE-2012-4534 * CVE-2012-2733 * CVE-2012-5886 * CVE-2012-5568

Related Resources

Related Vulnerabilities

CVE-2012-3546  

Related Patches

Superseded Patches

None


Last Updated: 27 May 2016 11:16:42