CVE-2013-4286

2014-02-2600:00:00

ubuntu.com

5.8 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:P/I:P/A:N

0.005 Low

EPSS

Percentile

76.6%

JSON

Apache Tomcat before 6.0.39, 7.x before 7.0.47, and 8.x before 8.0.0-RC3,
when an HTTP connector or AJP connector is used, does not properly handle
certain inconsistent HTTP request headers, which allows remote attackers to
trigger incorrect identification of a request’s length and conduct
request-smuggling attacks via (1) multiple Content-Length headers or (2) a
Content-Length header and a “Transfer-Encoding: chunked” header. NOTE:
this vulnerability exists because of an incomplete fix for CVE-2005-2090.

Bugs

<https://bugzilla.redhat.com/show_bug.cgi?id=1069921>

OSVersionArchitecturePackageVersionFilename
ubuntu10.04noarchtomcat6< 6.0.24-2ubuntu1.15UNKNOWN
ubuntu12.04noarchtomcat6< 6.0.35-1ubuntu3.4UNKNOWN
ubuntu12.10noarchtomcat7< 7.0.30-0ubuntu1.3UNKNOWN
ubuntu13.10noarchtomcat7< 7.0.42-1ubuntu0.1UNKNOWN

OS	Version	Architecture	Package	Version	Filename
ubuntu	10.04	noarch	tomcat6	< 6.0.24-2ubuntu1.15	UNKNOWN
ubuntu	12.04	noarch	tomcat6	< 6.0.35-1ubuntu3.4	UNKNOWN
ubuntu	12.10	noarch	tomcat7	< 7.0.30-0ubuntu1.3	UNKNOWN
ubuntu	13.10	noarch	tomcat7	< 7.0.42-1ubuntu0.1	UNKNOWN