MDVSA-2012:085
- Package name
- tomcat5
- Date
- 2012-05-30
- Advisory ID
- MDVSA-2012:085
- Affected versions
- MES5 i586 , MES5 x86_64 , 2010.1 i586 , 2010.1 x86_64
Problem description
A vulnerability has been discovered and corrected in tomcat5:
Apache Tomcat 5.5.x before 5.5.35, 6.x before 6.0.34, and 7.x before
7.0.23 uses an inefficient approach for handling parameters, which
allows remote attackers to cause a denial of service (CPU consumption)
via a request that contains many parameters and parameter values,
a different vulnerability than CVE-2011-4858 (CVE-2012-0022).
The updated packages have been patched to correct this issue.
Updated packages
MES5 i586
89c5a36d142f485772802793d2d232a3 mes5/i586/tomcat5-5.5.28-0.5.0.4mdvmes5.2.noarch.rpm 16c504c38fb2ef6ef0da356aefd38d90 mes5/i586/tomcat5-admin-webapps-5.5.28-0.5.0.4mdvmes5.2.noarch.rpm 6de741ee82fa06ed08b5f7ea46aaed6b mes5/i586/tomcat5-common-lib-5.5.28-0.5.0.4mdvmes5.2.noarch.rpm ead39bc8a884aa62e98711592743d44e mes5/i586/tomcat5-jasper-5.5.28-0.5.0.4mdvmes5.2.noarch.rpm abc7f54d2f91fcc20ffc5444efd19f3b mes5/i586/tomcat5-jasper-eclipse-5.5.28-0.5.0.4mdvmes5.2.noarch.rpm da2ff51a33f19b032fc2e05e85f9c988 mes5/i586/tomcat5-jasper-javadoc-5.5.28-0.5.0.4mdvmes5.2.noarch.rpm 745711acf7a6a929cc12dd619952ad00 mes5/i586/tomcat5-jsp-2.0-api-5.5.28-0.5.0.4mdvmes5.2.noarch.rpm 47f8c00bebb138c31442bb6f63e3c151 mes5/i586/tomcat5-jsp-2.0-api-javadoc-5.5.28-0.5.0.4mdvmes5.2.noarch.rpm 23dc6ec060cf070ed60a1450a68df37f mes5/i586/tomcat5-server-lib-5.5.28-0.5.0.4mdvmes5.2.noarch.rpm 7379a900bc3fd0cf87bea9fbd2fbcf0c mes5/i586/tomcat5-servlet-2.4-api-5.5.28-0.5.0.4mdvmes5.2.noarch.rpm 7ea3184918916e6a4e18aa17fe3afe17 mes5/i586/tomcat5-servlet-2.4-api-javadoc-5.5.28-0.5.0.4mdvmes5.2.noarch.rpm 3c09e502cfdd5fe1b47179d96fdc70e8 mes5/i586/tomcat5-webapps-5.5.28-0.5.0.4mdvmes5.2.noarch.rpm 061692d8b800c6d3303d64fb0629340e mes5/SRPMS/tomcat5-5.5.28-0.5.0.4mdvmes5.2.src.rpm
MES5 x86_64
3b21dd4a87f5b13789838ce56a94ef35 mes5/x86_64/tomcat5-5.5.28-0.5.0.4mdvmes5.2.noarch.rpm 0b9c414e98cda30c4d17223a647e86e0 mes5/x86_64/tomcat5-admin-webapps-5.5.28-0.5.0.4mdvmes5.2.noarch.rpm 20c3f49e4c82c1649211740cbdcd97d8 mes5/x86_64/tomcat5-common-lib-5.5.28-0.5.0.4mdvmes5.2.noarch.rpm fa035af744dc3c03912c57d593c42370 mes5/x86_64/tomcat5-jasper-5.5.28-0.5.0.4mdvmes5.2.noarch.rpm cf489c169f7ff6c4fc7973911b80e039 mes5/x86_64/tomcat5-jasper-eclipse-5.5.28-0.5.0.4mdvmes5.2.noarch.rpm da956fd30cadb8a97a4a75a295d3be2d mes5/x86_64/tomcat5-jasper-javadoc-5.5.28-0.5.0.4mdvmes5.2.noarch.rpm aa38aefa424dccab4229c51e49aec3c8 mes5/x86_64/tomcat5-jsp-2.0-api-5.5.28-0.5.0.4mdvmes5.2.noarch.rpm ff7d076e13b7764a6a1a900f610f3e5b mes5/x86_64/tomcat5-jsp-2.0-api-javadoc-5.5.28-0.5.0.4mdvmes5.2.noarch.rpm 5fcaf167e2e6008a4d94a6de31d24034 mes5/x86_64/tomcat5-server-lib-5.5.28-0.5.0.4mdvmes5.2.noarch.rpm c306a04a9384df2c216caaf4d492da24 mes5/x86_64/tomcat5-servlet-2.4-api-5.5.28-0.5.0.4mdvmes5.2.noarch.rpm ad91c5f29341c327d6e92ae924547f1c mes5/x86_64/tomcat5-servlet-2.4-api-javadoc-5.5.28-0.5.0.4mdvmes5.2.noarch.rpm 6b79384b098909bedc56a3adb3be5212 mes5/x86_64/tomcat5-webapps-5.5.28-0.5.0.4mdvmes5.2.noarch.rpm 061692d8b800c6d3303d64fb0629340e mes5/SRPMS/tomcat5-5.5.28-0.5.0.4mdvmes5.2.src.rpm
2010.1 i586
4dbdc982091d0b24ca8556e943b506be 2010.1/i586/tomcat5-5.5.28-0.5.0.4mdv2010.2.noarch.rpm 6356e7035b07651650760cc98f6aca8c 2010.1/i586/tomcat5-admin-webapps-5.5.28-0.5.0.4mdv2010.2.noarch.rpm 151bccadefd2c0dedaa16d7bbe3373bd 2010.1/i586/tomcat5-common-lib-5.5.28-0.5.0.4mdv2010.2.noarch.rpm 3740c5f224c2ad0fe5bc0d9ddcabf026 2010.1/i586/tomcat5-jasper-5.5.28-0.5.0.4mdv2010.2.noarch.rpm c095b8a9f0f37ba7a4124ead3663b473 2010.1/i586/tomcat5-jasper-eclipse-5.5.28-0.5.0.4mdv2010.2.noarch.rpm 8e2d9c8a39370b196801e7bfca1f447f 2010.1/i586/tomcat5-jasper-javadoc-5.5.28-0.5.0.4mdv2010.2.noarch.rpm dae3e2ddc1a320d0fa5d4265340c08a3 2010.1/i586/tomcat5-jsp-2.0-api-5.5.28-0.5.0.4mdv2010.2.noarch.rpm bcf8969a94eade64275e4377e921adbf 2010.1/i586/tomcat5-jsp-2.0-api-javadoc-5.5.28-0.5.0.4mdv2010.2.noarch.rpm 7a4bdce7640fa6feb2243e1853781310 2010.1/i586/tomcat5-server-lib-5.5.28-0.5.0.4mdv2010.2.noarch.rpm f9f9a9b784960f0ff6074d1f1766ea7e 2010.1/i586/tomcat5-servlet-2.4-api-5.5.28-0.5.0.4mdv2010.2.noarch.rpm c1f2319f08787fe7fc4a9904962b388e 2010.1/i586/tomcat5-servlet-2.4-api-javadoc-5.5.28-0.5.0.4mdv2010.2.noarch.rpm 736a729aa7f53b2a5ccd132090f496d2 2010.1/i586/tomcat5-webapps-5.5.28-0.5.0.4mdv2010.2.noarch.rpm b043f3f9083fce48f48d1e3365885102 2010.1/SRPMS/tomcat5-5.5.28-0.5.0.4mdv2010.2.src.rpm
2010.1 x86_64
fa2228e5ad8d02f6668428673423cf23 2010.1/x86_64/tomcat5-5.5.28-0.5.0.4mdv2010.2.noarch.rpm 6cab7628431c5403fbac528ecce278e8 2010.1/x86_64/tomcat5-admin-webapps-5.5.28-0.5.0.4mdv2010.2.noarch.rpm be8db2383ca52bf0f0a56f1c51b93816 2010.1/x86_64/tomcat5-common-lib-5.5.28-0.5.0.4mdv2010.2.noarch.rpm 35c820ac3e6171e43f3f49ee73271d94 2010.1/x86_64/tomcat5-jasper-5.5.28-0.5.0.4mdv2010.2.noarch.rpm 8a57cee533df7699954cdf461ecb40d1 2010.1/x86_64/tomcat5-jasper-eclipse-5.5.28-0.5.0.4mdv2010.2.noarch.rpm 7e0851cfee3732cc13a221fd7515b6a7 2010.1/x86_64/tomcat5-jasper-javadoc-5.5.28-0.5.0.4mdv2010.2.noarch.rpm 12ba62390b699f8f01b6021037f64d4e 2010.1/x86_64/tomcat5-jsp-2.0-api-5.5.28-0.5.0.4mdv2010.2.noarch.rpm 80fc555e01f5fe78d3cce0e1ad087a4e 2010.1/x86_64/tomcat5-jsp-2.0-api-javadoc-5.5.28-0.5.0.4mdv2010.2.noarch.rpm e73452455cd3da005619c2bd2ac5651d 2010.1/x86_64/tomcat5-server-lib-5.5.28-0.5.0.4mdv2010.2.noarch.rpm 102f49ecf8fa3546319edf41451f833a 2010.1/x86_64/tomcat5-servlet-2.4-api-5.5.28-0.5.0.4mdv2010.2.noarch.rpm 4b00aa7483f12401b3de5078e9c098b1 2010.1/x86_64/tomcat5-servlet-2.4-api-javadoc-5.5.28-0.5.0.4mdv2010.2.noarch.rpm 9b1af506d69a2fa83c6822d8eb215198 2010.1/x86_64/tomcat5-webapps-5.5.28-0.5.0.4mdv2010.2.noarch.rpm b043f3f9083fce48f48d1e3365885102 2010.1/SRPMS/tomcat5-5.5.28-0.5.0.4mdv2010.2.src.rpm