Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact

ALAS-2016-777

Related Vulnerabilities: CVE-2016-6816   CVE-2016-8735  

CVE-2016-6816 tomcat: HTTP Request smuggling vulnerability due to permitting invalid character in HTTP requests CVE-2016-8735 tomcat: Remote code execution vulnerability in JmxRemoteLifecycleListener

Source

ALAS-2016-777

Amazon Linux AMI Security Advisory: ALAS-2016-777
Advisory Release Date: 2016-12-15 00:48 Pacific
Advisory Updated Date: 2016-12-15 23:49 Pacific
Severity: Important
Issue Overview:

CVE-2016-6816 tomcat: HTTP Request smuggling vulnerability due to permitting invalid character in HTTP requests

CVE-2016-8735 tomcat: Remote code execution vulnerability in JmxRemoteLifecycleListener


Affected Packages:

tomcat7


Issue Correction:
Run yum update tomcat7 to update your system.

New Packages:
noarch:
    tomcat7-7.0.73-1.23.amzn1.noarch
    tomcat7-jsp-2.2-api-7.0.73-1.23.amzn1.noarch
    tomcat7-lib-7.0.73-1.23.amzn1.noarch
    tomcat7-webapps-7.0.73-1.23.amzn1.noarch
    tomcat7-docs-webapp-7.0.73-1.23.amzn1.noarch
    tomcat7-el-2.2-api-7.0.73-1.23.amzn1.noarch
    tomcat7-log4j-7.0.73-1.23.amzn1.noarch
    tomcat7-admin-webapps-7.0.73-1.23.amzn1.noarch
    tomcat7-javadoc-7.0.73-1.23.amzn1.noarch
    tomcat7-servlet-3.0-api-7.0.73-1.23.amzn1.noarch

src:
    tomcat7-7.0.73-1.23.amzn1.src

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook

Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started