Upstream information

CVE-2013-4286 at MITRE

Description

Apache Tomcat before 6.0.39, 7.x before 7.0.47, and 8.x before 8.0.0-RC3, when an HTTP connector or AJP connector is used, does not properly handle certain inconsistent HTTP request headers, which allows remote attackers to trigger incorrect identification of a request's length and conduct request-smuggling attacks via (1) multiple Content-Length headers or (2) a Content-Length header and a "Transfer-Encoding: chunked" header. NOTE: this vulnerability exists because of an incomplete fix for CVE-2005-2090.
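The fix on the server side is to refuse a request whose framing is ambiguous rather than guess. The following is an added illustration (not code from the advisory or from Tomcat) of a strict framing check that rejects the two header combinations named above, in line with RFC 7230 §3.3.3; `parse_head` and `framing_decision` are assumed helper names and the request heads are constructed samples.

```python
import re
from typing import List, Optional, Tuple

Header = Tuple[str, str]

def parse_head(raw: bytes) -> List[Header]:
    """Split a request head (everything before the blank line) into (name, value) pairs."""
    head = raw.split(b"\r\n\r\n", 1)[0].decode("iso-8859-1")
    headers: List[Header] = []
    for line in head.split("\r\n")[1:]:          # [1:] drops the request line
        name, _, value = line.partition(":")
        headers.append((name.strip(), value.strip()))
    return headers

def framing_decision(headers: List[Header]) -> Tuple[str, Optional[int]]:
    """Decide how the body is delimited.

    Returns ("chunked", None), ("length", n), ("none", None) or ("reject", None).
    Rejects, rather than picks one of, conflicting framings: that is the
    ambiguity a front-end proxy and back-end server could resolve differently.
    """
    cl = [v for n, v in headers if n.lower() == "content-length"]
    te = [v.lower() for n, v in headers if n.lower() == "transfer-encoding"]
    chunked = any("chunked" in [t.strip() for t in v.split(",")] for v in te)
    if cl and chunked:
        return "reject", None        # case (2): Content-Length next to chunked TE
    if len(cl) > 1:
        return "reject", None        # case (1): more than one Content-Length
    if chunked:
        return "chunked", None
    if cl:
        if not re.fullmatch(r"[0-9]+", cl[0]):
            return "reject", None    # non-numeric length is also invalid framing
        return "length", int(cl[0])
    return "none", None

# Constructed sample request heads (no real traffic).
CLEAN_HEAD = b"POST /app HTTP/1.1\r\nHost: example.test\r\nContent-Length: 5\r\n\r\nhello"
DOUBLE_CL_HEAD = b"POST /app HTTP/1.1\r\nHost: example.test\r\nContent-Length: 5\r\nContent-Length: 12\r\n\r\n"
CL_TE_HEAD = b"POST /app HTTP/1.1\r\nHost: example.test\r\nContent-Length: 5\r\nTransfer-Encoding: chunked\r\n\r\n"

if __name__ == "__main__":
    for label, head in [("clean", CLEAN_HEAD), ("double CL", DOUBLE_CL_HEAD), ("CL+TE", CL_TE_HEAD)]:
        print(label, "->", framing_decision(parse_head(head)))
```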

SUSE information

Overall state of this security issue: Resolved

This issue is currently rated as having moderate severity.

CVSS v2 Scores (National Vulnerability Database)

Base Score: 5.8
Vector: AV:N/AC:M/Au:N/C:P/I:P/A:N
Access Vector: Network
Access Complexity: Medium
Authentication: None
Confidentiality Impact: Partial
Integrity Impact: Partial
Availability Impact: None
SUSE Bugzilla entry: 865740 [RESOLVED / FIXED]

SUSE Security Advisories:

  • TID7017332, published Sat 3 Mar 11:59:56 CET 2018

List of released packages

Product(s), fixed package version(s) and references:

SUSE Liberty Linux 7
  • tomcat >= 7.0.42-5.el7_0
  • tomcat-admin-webapps >= 7.0.42-5.el7_0
  • tomcat-docs-webapp >= 7.0.42-5.el7_0
  • tomcat-el-2.2-api >= 7.0.42-5.el7_0
  • tomcat-javadoc >= 7.0.42-5.el7_0
  • tomcat-jsp-2.2-api >= 7.0.42-5.el7_0
  • tomcat-jsvc >= 7.0.42-5.el7_0
  • tomcat-lib >= 7.0.42-5.el7_0
  • tomcat-servlet-3.0-api >= 7.0.42-5.el7_0
  • tomcat-webapps >= 7.0.42-5.el7_0
  Patchnames: RHSA-2014:0686

SUSE Timeline for this CVE

CVE page created: Wed Feb 26 01:15:17 2014
CVE page last modified: Mon Oct 30 17:14:25 2023