Summary
The remote host is missing updates announced in advisory GLSA 201206-24.
Solution
All Apache Tomcat 6.0.x users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose '>=www-servers/tomcat-6.0.35'
All Apache Tomcat 7.0.x users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose '>=www-servers/tomcat-7.0.23'
http://www.securityspace.com/smysecure/catid.html?in=GLSA%20201206-24
http://bugs.gentoo.org/show_bug.cgi?id=272566
http://bugs.gentoo.org/show_bug.cgi?id=273662
http://bugs.gentoo.org/show_bug.cgi?id=303719
http://bugs.gentoo.org/show_bug.cgi?id=320963
http://bugs.gentoo.org/show_bug.cgi?id=329937
http://bugs.gentoo.org/show_bug.cgi?id=373987
http://bugs.gentoo.org/show_bug.cgi?id=374619
http://bugs.gentoo.org/show_bug.cgi?id=382043
http://bugs.gentoo.org/show_bug.cgi?id=386213
http://bugs.gentoo.org/show_bug.cgi?id=396401
http://bugs.gentoo.org/show_bug.cgi?id=399227
Insight
Multiple vulnerabilities were found in Apache Tomcat, the worst of which allows reading, modifying and overwriting arbitrary files.
Severity
Classification
-
CVSS Base Score: 7.5
AV:N/AC:L/Au:N/C:P/I:P/A:P
Related Vulnerabilities