Ubuntu Update For Tomcat6 Vulnerability USN-1048-1 Network Vulnerability

Summary

Ubuntu Update for Linux kernel vulnerabilities USN-1048-1

Solution

Please Install the Updated Packages.

Insight

It was discovered that Tomcat did not properly escape certain parameters in the Manager application which could result in browsers becoming vulnerable to cross-site scripting attacks when processing the output. With cross-site scripting vulnerabilities, if a user were tricked into viewing server output during a crafted server request, a remote attacker could exploit this to modify the contents, or steal confidential data (such as passwords), within the same domain.

Affected

tomcat6 vulnerability on Ubuntu 9.10 , Ubuntu 10.04 LTS , Ubuntu 10.10

References

https://lists.ubuntu.com/archives/ubuntu-security-announce/2011-January/001234.html

Updated on 2015-03-25

Severity

Classification

CVE CVE-2010-4172
CVSS Base Score: 4.3
AV:N/AC:M/Au:N/C:N/I:P/A:N

Related Vulnerabilities

Ubuntu Update for clamav vulnerability USN-1076-1
Ubuntu Update for bzip2 vulnerability USN-590-1
Ubuntu Update for apache2 vulnerabilities USN-499-1
Ubuntu Update for aptdaemon USN-1414-1
Ubuntu Update for bind9 vulnerability USN-491-1

Ubuntu Update for tomcat6 vulnerability USN-1048-1

Take action and discover your vulnerabilities