oval:org.mitre.oval:def:23257

Definition Id: oval:org.mitre.oval:def:23257

Oval ID:	oval:org.mitre.oval:def:23257
Title:	ELSA-2011:1780: tomcat6 security and bug fix update (Moderate)
Description:	DigestAuthenticator.java in the HTTP Digest Access Authentication implementation in Apache Tomcat 5.5.x before 5.5.34, 6.x before 6.0.33, and 7.x before 7.0.12 uses Catalina as the hard-coded server secret (aka private key), which makes it easier for remote attackers to bypass cryptographic protection mechanisms by leveraging knowledge of this string, a different vulnerability than CVE-2011-1184.
Family:	unix	Class:	patch
Reference(s):	ELSA-2011:1780-01 CVE-2011-1184 CVE-2011-2204 CVE-2011-2526 CVE-2011-3190 CVE-2011-5062 CVE-2011-5063 CVE-2011-5064	Version:	33
Platform(s):	Oracle Linux 6	Product(s):	tomcat6
Definition Synopsis:
Oracle Linux 6.x rpm test tomcat6-docs-webapp is earlier than 0:6.0.24-35.el6_1 AND tomcat6-webapps is earlier than 0:6.0.24-35.el6_1 AND tomcat6-lib is earlier than 0:6.0.24-35.el6_1 AND tomcat6-jsp-2.1-api is earlier than 0:6.0.24-35.el6_1 AND tomcat6-javadoc is earlier than 0:6.0.24-35.el6_1 AND tomcat6-el-2.1-api is earlier than 0:6.0.24-35.el6_1 AND tomcat6-admin-webapps is earlier than 0:6.0.24-35.el6_1 AND tomcat6-servlet-2.5-api is earlier than 0:6.0.24-35.el6_1 AND tomcat6 is earlier than 0:6.0.24-35.el6_1

Definition Id: oval:org.mitre.oval:def:16594

Oval ID:	oval:org.mitre.oval:def:16594
Title:	Oracle Linux 6.x
Description:	The operating system installed on the system is Oracle Linux 6.x
Family:	unix	Class:	inventory
Reference(s):	cpe:/o:oracle:linux:6	Version:	5
Platform(s):	Oracle Linux 6	Product(s):
Definition Synopsis:
the installed operating system is part of the Unix family AND Oracle Linux 6.x is installed
Referenced By:
oval:org.mitre.oval:def:23257