Hi Team, As per our security team we need to install the below patches on multiple servers to remove vulnerabilities.
Below is the information we have received from our security team, Need your support to have a detailed impact analysis on the compatibility of the below patches. Apache Tomcat is a container for Java Servlet and Java Server Pages Web applications. Multiple vulnerabilities present in some versions of Apache Tomcat could lead to denial of service. Multiple flaws are present in Tomcat, which fails to handle invalid Transfer-Encoding header request that prevents buffer recycling. Successful exploitation could allow an attacker to gain sensitive information or cause a denial of service condition on the affected system. http://svn.apache.org/viewvc?view=revision&revision=958911 http://svn.apache.org/viewvc?view=revision&revision=958977 http://svn.apache.org/viewvc?view=revision&revision=959428 http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c03298151 http://www.juniper.net/alerts/viewalert.jsp?txtAlertNumber=PSN-2012-05-584&actionBtn=Search Regards Kanishk Sethi ________________________________ This message is for the designated recipient only and may contain privileged, proprietary, or otherwise confidential information. If you have received it in error, please notify the sender immediately and delete the original. Any other use of the e-mail by you is prohibited. Where allowed by local law, electronic communications with Accenture and its affiliates, including e-mail and instant messaging (including content), may be scanned by our systems for the purposes of information security and assessment of internal compliance with Accenture policy. . ______________________________________________________________________________________ www.accenture.com