Lucene search

K
amazonAmazonALAS-2015-526
HistoryMay 14, 2015 - 2:38 p.m.

Medium: tomcat7

2015-05-1414:38:00
alas.aws.amazon.com
17

6.4 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:P/A:P

0.948 High

EPSS

Percentile

99.2%

Issue Overview:

It was discovered that JBoss Web / Apache Tomcat did not limit the length of chunk sizes when using chunked transfer encoding. A remote attacker could use this flaw to perform a denial of service attack against JBoss Web / Apache Tomcat by streaming an unlimited quantity of data, leading to excessive consumption of server resources. (CVE-2014-0075)

It was found that the org.apache.catalina.servlets.DefaultServlet implementation in JBoss Web / Apache Tomcat allowed the definition of XML External Entities (XXEs) in provided XSLTs. A malicious application could use this to circumvent intended security restrictions to disclose sensitive information. (CVE-2014-0096)

It was found that JBoss Web / Apache Tomcat did not check for overflowing values when parsing request content length headers. A remote attacker could use this flaw to perform an HTTP request smuggling attack on a JBoss Web / Apache Tomcat server located behind a reverse proxy that processed the content length header correctly. (CVE-2014-0099)

It was discovered that the ChunkedInputFilter in Tomcat did not fail subsequent attempts to read input after malformed chunked encoding was detected. A remote attacker could possibly use this flaw to make Tomcat process part of the request body as new request, or cause a denial of service. (CVE-2014-0227)

Affected Packages:

tomcat7

Issue Correction:
Run yum update tomcat7 to update your system.

New Packages:

noarch:  
    tomcat7-admin-webapps-7.0.59-1.8.amzn1.noarch  
    tomcat7-el-2.2-api-7.0.59-1.8.amzn1.noarch  
    tomcat7-webapps-7.0.59-1.8.amzn1.noarch  
    tomcat7-log4j-7.0.59-1.8.amzn1.noarch  
    tomcat7-7.0.59-1.8.amzn1.noarch  
    tomcat7-jsp-2.2-api-7.0.59-1.8.amzn1.noarch  
    tomcat7-docs-webapp-7.0.59-1.8.amzn1.noarch  
    tomcat7-servlet-3.0-api-7.0.59-1.8.amzn1.noarch  
    tomcat7-javadoc-7.0.59-1.8.amzn1.noarch  
    tomcat7-lib-7.0.59-1.8.amzn1.noarch  
  
src:  
    tomcat7-7.0.59-1.8.amzn1.src  

Additional References

Red Hat: CVE-2014-0075, CVE-2014-0096, CVE-2014-0099, CVE-2014-0227

Mitre: CVE-2014-0075, CVE-2014-0096, CVE-2014-0099, CVE-2014-0227

6.4 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:P/A:P

0.948 High

EPSS

Percentile

99.2%