Apache Tomcat Request Smuggling

2015.02.10
Risk: Low
Local: No
Remote: Yes
CWE: CWE-19


CVSS Base Score: 6.4/10
Impact Subscore: 4.9/10
Exploitability Subscore: 10/10
Exploit range: Remote
Attack complexity: Low
Authentication: No required
Confidentiality impact: None
Integrity impact: Partial
Availability impact: Partial

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 CVE-2014-0227 Request Smuggling Severity: Important Vendor: The Apache Software Foundation Versions Affected: - - Apache Tomcat 8.0.0-RC1 to 8.0.8 - - Apache Tomcat 7.0.0 to 7.0.54 - - Apache Tomcat 6.0.0 to 6.0.41 Description: It was possible to craft a malformed chunk as part of a chucked request that caused Tomcat to read part of the request body as a new request. Mitigation: Users of affected versions should apply one of the following mitigations - - Upgrade to Apache Tomcat 8.0.9 or later - - Upgrade to Apache Tomcat 7.0.55 or later - - Upgrade to Apache Tomcat 6.0.43 or later (6.0.42 contains the fix but was not released) Credit: This issue was identified by the Tomcat security team. References: [1] http://tomcat.apache.org/security-8.html [2] http://tomcat.apache.org/security-7.html [3] http://tomcat.apache.org/security-6.html -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (MingW32) iQIcBAEBAgAGBQJU2HoOAAoJEBDAHFovYFnn/3wP/A3qNw/M6hrPYGtZJGtHmb3b B7VMHvhW18nTVUIuS6pg/FIcLg//dRpzzosHGAygGZJRTqW6am3TF9IEGrtaqXED 3cLbIUcIlay8grokG5Ci4fduZ3pouVA8/xbWTW6ND0KORAAsCeeIVVs3+/IdyBrM hRMST00A/ryXEBCzUdVATjd7bpdOAnRW/lSUI5/Ap+zQN1SR6rBdF224UaWRiZrr 4t55ZnStDQ10OT5a8R/uSZAftnRD3wRzOCquYHA7PbzpjDDmwbz00BQWErmlmgs/ ElN9Dmdn+/dFaaU9AGOLEhsse3KajfjgdWVXRoB2BJW3/GFgPT9vcHswINEgAZtp HoNFavmlZr0bs+1YdSEx8qtitB6Wr4QiwWYzfwLMhZ3qx6g0NSTMY6g+JH7BVIOL 3xGf1B42LidgMqqpcyddLW3HFICRI6wX1IgK+rF8Obaga6UOCHgmCKTL4YBxe5XK +YqEgH3HE1jwTL04FGsVMSAUIx4Z5wkm0rXsf3emHsyDytFQOyrJqI8AdGVMyOwO ZEjqwFDCjW36I2YsoE4HffO/ZnTxJrZzOZOXXt7N7zfFfxXsJsSuBBM3il0VIPyB AdmOl1RoeGx5Gj2WGIgXjPLCcOHaNTobClasFMvuzgPmxIHPViT1fhM/M41cre8M v3iXCWFfOe15UtdBy57w =BK1a -----END PGP SIGNATURE-----


Vote for this issue:
50%
50%


 

Thanks for you vote!


 

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.


(*) - required fields.  
{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1
{{ x.comment }}

Copyright 2024, cxsecurity.com

 

Back to Top