oval:org.mitre.oval:def:23970

Definition Id: oval:org.mitre.oval:def:23970

Oval ID:	oval:org.mitre.oval:def:23970
Title:	ELSA-2013:0869: tomcat6 security update (Important)
Description:	The Tomcat 6 DIGEST authentication functionality as used in Red Hat Enterprise Linux 6 allows remote attackers to bypass intended access restrictions by performing a replay attack after a nonce becomes stale. NOTE: this issue is due to an incomplete fix for CVE-2012-5887.
Family:	unix	Class:	patch
Reference(s):	ELSA-2013:0869-01 CVE-2013-1976 CVE-2013-2051	Version:	13
Platform(s):	Oracle Linux 6	Product(s):	tomcat6
Definition Synopsis:
Oracle Linux 6.x rpm test tomcat6-jsp-2.1-api is earlier than 0:6.0.24-55.el6_4 AND tomcat6-webapps is earlier than 0:6.0.24-55.el6_4 AND tomcat6-docs-webapp is earlier than 0:6.0.24-55.el6_4 AND tomcat6-lib is earlier than 0:6.0.24-55.el6_4 AND tomcat6-javadoc is earlier than 0:6.0.24-55.el6_4 AND tomcat6-el-2.1-api is earlier than 0:6.0.24-55.el6_4 AND tomcat6-servlet-2.5-api is earlier than 0:6.0.24-55.el6_4 AND tomcat6-admin-webapps is earlier than 0:6.0.24-55.el6_4 AND tomcat6 is earlier than 0:6.0.24-55.el6_4

Definition Id: oval:org.mitre.oval:def:16594

Oval ID:	oval:org.mitre.oval:def:16594
Title:	Oracle Linux 6.x
Description:	The operating system installed on the system is Oracle Linux 6.x
Family:	unix	Class:	inventory
Reference(s):	cpe:/o:oracle:linux:6	Version:	5
Platform(s):	Oracle Linux 6	Product(s):
Definition Synopsis:
the installed operating system is part of the Unix family AND Oracle Linux 6.x is installed
Referenced By:
oval:org.mitre.oval:def:23970