Apache Tomcat DoS Vulnerability (Jul 2024) - Linux. Vulnerable versions 9.0.0-M1 through 9.0.89, 10.1.0-M1 through 10.1.24 and 11.0.0-M1 through 11.0.0-M20
Reporter | Title | Published | Views | Family All 110 |
---|---|---|---|---|
OpenVAS | SUSE: Security Advisory (SUSE-SU-2024:2485-1) | 16 Jul 202400:00 | β | openvas |
OpenVAS | Apache Tomcat DoS Vulnerability (Jul 2024) - Windows | 4 Jul 202400:00 | β | openvas |
OpenVAS | SUSE: Security Advisory (SUSE-SU-2024:2539-1) | 18 Jul 202400:00 | β | openvas |
OpenVAS | Mageia: Security Advisory (MGASA-2024-0267) | 16 Jul 202400:00 | β | openvas |
OpenVAS | openSUSE: Security Advisory for tomcat10 (SUSE-SU-2024:2413-1) | 24 Jul 202400:00 | β | openvas |
OpenVAS | openSUSE: Security Advisory for tomcat (SUSE-SU-2024:2485-1) | 24 Jul 202400:00 | β | openvas |
OpenVAS | Debian: Security Advisory (DSA-5845-1) | 20 Jan 202500:00 | β | openvas |
OSV | CGA-xv4j-9m39-wrpw | 25 Sep 202405:39 | β | osv |
OSV | Important: tomcat security update | 17 Sep 202400:54 | β | osv |
OSV | Important: tomcat security update | 21 Aug 202400:00 | β | osv |
# SPDX-FileCopyrightText: 2024 Greenbone AG
# Some text descriptions might be excerpted from (a) referenced
# source(s), and are Copyright (C) by the respective right holder(s).
#
# SPDX-License-Identifier: GPL-2.0-only
CPE = "cpe:/a:apache:tomcat";
if (description)
{
script_oid("1.3.6.1.4.1.25623.1.0.152543");
script_version("2024-12-19T05:05:34+0000");
script_tag(name:"last_modification", value:"2024-12-19 05:05:34 +0000 (Thu, 19 Dec 2024)");
script_tag(name:"creation_date", value:"2024-07-04 02:05:52 +0000 (Thu, 04 Jul 2024)");
script_tag(name:"cvss_base", value:"7.8");
script_tag(name:"cvss_base_vector", value:"AV:N/AC:L/Au:N/C:N/I:N/A:C");
script_cve_id("CVE-2024-34750");
script_tag(name:"qod_type", value:"remote_banner_unreliable");
script_tag(name:"solution_type", value:"VendorFix");
script_name("Apache Tomcat DoS Vulnerability (Jul 2024) - Linux");
script_category(ACT_GATHER_INFO);
script_copyright("Copyright (C) 2024 Greenbone AG");
script_family("Web Servers");
script_dependencies("gb_apache_tomcat_consolidation.nasl", "os_detection.nasl");
script_mandatory_keys("apache/tomcat/detected", "Host/runs_unixoide");
script_tag(name:"summary", value:"Apache Tomcat is prone to a denial of service (DoS)
vulnerability.");
script_tag(name:"vuldetect", value:"Checks if a vulnerable version is present on the target host.");
script_tag(name:"insight", value:"When processing an HTTP/2 stream, Tomcat did not handle some
cases of excessive HTTP headers correctly. This led to a miscounting of active HTTP/2 streams
which in turn led to the use of an incorrect infinite timeout which allowed connections to remain
open which should have been closed.");
script_tag(name:"affected", value:"Apache Tomcat versions prior to 9.0.90, 10.x through 10.1.24
and 11.0.0-M1 through 11.0.0-M20.
Note: While not explicitly mentioned by the vendor (due to the EOL status of these branches) it is
assumed that the whole 10.x branch and all versions prior to 9.x are affected by this flaw. If you
disagree with this assessment and want to accept the risk please create an override for this
result.");
script_tag(name:"solution", value:"Update to version 9.0.90, 10.1.25, 11.0.0-M21 or later.");
script_xref(name:"URL", value:"https://lists.apache.org/thread/4kqf0bc9gxymjc2x7v3p7dvplnl77y8l");
script_xref(name:"URL", value:"https://tomcat.apache.org/security-11.html#Fixed_in_Apache_Tomcat_11.0.0-M21");
script_xref(name:"URL", value:"https://tomcat.apache.org/security-10.html#Fixed_in_Apache_Tomcat_10.1.25");
script_xref(name:"URL", value:"https://tomcat.apache.org/security-9.html#Fixed_in_Apache_Tomcat_9.0.90");
exit(0);
}
include("host_details.inc");
include("version_func.inc");
if (isnull(port = get_app_port(cpe: CPE)))
exit(0);
if (!infos = get_app_version_and_location(cpe: CPE, port: port, exit_no_version: TRUE))
exit(0);
version = infos["version"];
location = infos["location"];
if (version_is_less(version: version, test_version: "9.0.90")) {
report = report_fixed_ver(installed_version: version, fixed_version: "9.0.90", install_path: location);
security_message(port: port, data: report);
exit(0);
}
if (version_in_range_exclusive(version: version, test_version_lo: "10.0.0", test_version_up: "10.1.25")) {
report = report_fixed_ver(installed_version: version, fixed_version: "10.1.25", install_path: location);
security_message(port: port, data: report);
exit(0);
}
if (version_in_range_exclusive(version: version, test_version_lo: "11.0.0.M1", test_version_up: "11.0.0.M21")) {
report = report_fixed_ver(installed_version: version, fixed_version: "11.0.0-M21", install_path: location);
security_message(port: port, data: report);
exit(0);
}
exit(99);
Transform Your Security Services
Elevate your offerings with Vulners' advanced Vulnerability Intelligence. ContactΒ us for a demo andΒ discover the difference comprehensive, actionable intelligence can make in your security strategy.
Book a live demo