Debian Security Advisory DSA 1593-1 (tomcat5.5) Network Vulnerability

Summary

The remote host is missing an update to tomcat5.5 announced via advisory DSA 1593-1.

Solution

https://secure1.securityspace.com/smysecure/catid.html?in=DSA%201593-1

Insight

Tt was discovered that the Host Manager web application performed insufficient input sanitising, which could lead to cross-site scripting. For the stable distribution (etch), this problem has been fixed in version 5.5.20-2etch3. For the unstable distribution (sid), this problem has been fixed in version 5.5.26-3. We recommend that you upgrade your tomcat5.5 packages.

Severity

Classification

CVE CVE-2008-1947

CVSS	Base Score: 4.3 AV:N/AC:M/Au:N/C:N/I:P/A:N

Related Vulnerabilities

Debian Security Advisory DSA 1151-1 (heartbeat)
Debian Security Advisory DSA 092-1 (wmtv)
Debian Security Advisory DSA 1050-1 (clamav)
Debian Security Advisory DSA 1122-1 (libnet-server-perl)
Debian Security Advisory DSA 1032-1 (zope-cmfplone)

Take action and discover your vulnerabilities