Lucene search

K
tomcatApache TomcatTOMCAT:7F7A3E46EFAC8D1C471A3C1CB35948A4
HistoryJul 27, 2014 - 12:00 a.m.

Fixed in Apache Tomcat 7.0.55

2014-07-2700:00:00
Apache Tomcat
tomcat.apache.org
27

CVSS2

7.8

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:N/I:N/A:C

EPSS

0.948

Percentile

99.3%

Important: Request Smuggling CVE-2014-0227

It was possible to craft a malformed chunk as part of a chunked request that caused Tomcat to read part of the request body as a new request.

This was fixed in revision 1601333.

This issue was identified by the Tomcat security team on 30 May 2014 and made public on 9 February 2015.

Affects: 7.0.0 to 7.0.54

Low: Denial of Service CVE-2014-0230

When a response for a request with a request body is returned to the user agent before the request body is fully read, by default Tomcat swallows the remaining request body so that the next request on the connection may be processed. There was no limit to the size of request body that Tomcat would swallow. This permitted a limited Denial of Service as Tomcat would never close the connection and a processing thread would remain allocated to the connection.

This was fixed in revision 1603781 and improved in revisions 1603811, 1609176 and 1659295.

This issue was disclosed to the Tomcat security team by AntBean@secdig from the Baidu Security Team on 4 June 2014 and made public on 9 April 2015.

Affects: 7.0.0 to 7.0.54

Affected configurations

Vulners
Node
apachetomcatRange7.0.0
OR
apachetomcatRange7.0.54
VendorProductVersionCPE
apachetomcat*cpe:2.3:a:apache:tomcat:*:*:*:*:*:*:*:*

CVSS2

7.8

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:N/I:N/A:C

EPSS

0.948

Percentile

99.3%