ID CVE-2014-0050
Summary MultipartStream.java in Apache Commons FileUpload before 1.3.1, as used in Apache Tomcat, JBoss Web, and other products, allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via a crafted Content-Type header that bypasses a loop's intended exit conditions.
References
Vulnerable Configurations
  • Oracle Retail Applications 12.0
    cpe:2.3:a:oracle:retail_applications:12.0
  • Oracle Retail Applications 12.0IN
    cpe:2.3:a:oracle:retail_applications:12.0in
  • Oracle Retail Applications 13.0
    cpe:2.3:a:oracle:retail_applications:13.0
  • Oracle Retail Applications 13.1
    cpe:2.3:a:oracle:retail_applications:13.1
  • Oracle Retail Applications 13.2
    cpe:2.3:a:oracle:retail_applications:13.2
  • Oracle Retail Applications 13.3
    cpe:2.3:a:oracle:retail_applications:13.3
  • Oracle Retail Applications 13.4
    cpe:2.3:a:oracle:retail_applications:13.4
  • Oracle Retail Applications 14.0
    cpe:2.3:a:oracle:retail_applications:14.0
  • Apache Software Foundation Commons FileUpload 1.0
    cpe:2.3:a:apache:commons_fileupload:1.0
  • Apache Software Foundation Commons FileUpload 1.1
    cpe:2.3:a:apache:commons_fileupload:1.1
  • Apache Software Foundation Commons FileUpload 1.1.1
    cpe:2.3:a:apache:commons_fileupload:1.1.1
  • Apache Software Foundation Commons FileUpload 1.2
    cpe:2.3:a:apache:commons_fileupload:1.2
  • Apache Software Foundation Commons FileUpload 1.2.1
    cpe:2.3:a:apache:commons_fileupload:1.2.1
  • Apache Software Foundation Commons FileUpload 1.2.2
    cpe:2.3:a:apache:commons_fileupload:1.2.2
  • Apache Software Foundation Commons FileUpload 1.3
    cpe:2.3:a:apache:commons_fileupload:1.3
  • Apache Software Foundation Tomcat 7.0.0
    cpe:2.3:a:apache:tomcat:7.0.0
  • Apache Software Foundation Tomcat 7.0.0 beta
    cpe:2.3:a:apache:tomcat:7.0.0:beta
  • Apache Software Foundation Tomcat 7.0.1
    cpe:2.3:a:apache:tomcat:7.0.1
  • Apache Software Foundation Tomcat 7.0.2
    cpe:2.3:a:apache:tomcat:7.0.2
  • Apache Software Foundation Tomcat 7.0.2 beta
    cpe:2.3:a:apache:tomcat:7.0.2:beta
  • Apache Software Foundation Tomcat 7.0.3
    cpe:2.3:a:apache:tomcat:7.0.3
  • Apache Software Foundation Tomcat 7.0.4
    cpe:2.3:a:apache:tomcat:7.0.4
  • Apache Software Foundation Tomcat 7.0.4 beta
    cpe:2.3:a:apache:tomcat:7.0.4:beta
  • Apache Software Foundation Tomcat 7.0.5
    cpe:2.3:a:apache:tomcat:7.0.5
  • Apache Software Foundation Tomcat 7.0.6
    cpe:2.3:a:apache:tomcat:7.0.6
  • Apache Software Foundation Tomcat 7.0.7
    cpe:2.3:a:apache:tomcat:7.0.7
  • Apache Software Foundation Tomcat 7.0.8
    cpe:2.3:a:apache:tomcat:7.0.8
  • Apache Software Foundation Tomcat 7.0.9
    cpe:2.3:a:apache:tomcat:7.0.9
  • Apache Software Foundation Tomcat 7.0.10
    cpe:2.3:a:apache:tomcat:7.0.10
  • Apache Software Foundation Tomcat 7.0.11
    cpe:2.3:a:apache:tomcat:7.0.11
  • Apache Software Foundation Tomcat 7.0.12
    cpe:2.3:a:apache:tomcat:7.0.12
  • Apache Software Foundation Tomcat 7.0.13
    cpe:2.3:a:apache:tomcat:7.0.13
  • Apache Software Foundation Tomcat 7.0.14
    cpe:2.3:a:apache:tomcat:7.0.14
  • Apache Software Foundation Tomcat 7.0.15
    cpe:2.3:a:apache:tomcat:7.0.15
  • Apache Software Foundation Tomcat 7.0.16
    cpe:2.3:a:apache:tomcat:7.0.16
  • Apache Software Foundation Tomcat 7.0.17
    cpe:2.3:a:apache:tomcat:7.0.17
  • Apache Software Foundation Tomcat 7.0.18
    cpe:2.3:a:apache:tomcat:7.0.18
  • Apache Software Foundation Tomcat 7.0.19
    cpe:2.3:a:apache:tomcat:7.0.19
  • Apache Software Foundation Tomcat 7.0.20
    cpe:2.3:a:apache:tomcat:7.0.20
  • Apache Software Foundation Tomcat 7.0.21
    cpe:2.3:a:apache:tomcat:7.0.21
  • Apache Software Foundation Tomcat 7.0.22
    cpe:2.3:a:apache:tomcat:7.0.22
  • Apache Software Foundation Tomcat 7.0.23
    cpe:2.3:a:apache:tomcat:7.0.23
  • Apache Software Foundation Tomcat 7.0.24
    cpe:2.3:a:apache:tomcat:7.0.24
  • Apache Software Foundation Tomcat 7.0.25
    cpe:2.3:a:apache:tomcat:7.0.25
  • Apache Software Foundation Tomcat 7.0.26
    cpe:2.3:a:apache:tomcat:7.0.26
  • Apache Software Foundation Tomcat 7.0.27
    cpe:2.3:a:apache:tomcat:7.0.27
  • Apache Software Foundation Tomcat 7.0.28
    cpe:2.3:a:apache:tomcat:7.0.28
  • Apache Software Foundation Tomcat 7.0.29
    cpe:2.3:a:apache:tomcat:7.0.29
  • Apache Software Foundation Tomcat 7.0.30
    cpe:2.3:a:apache:tomcat:7.0.30
  • Apache Software Foundation Tomcat 7.0.31
    cpe:2.3:a:apache:tomcat:7.0.31
  • Apache Software Foundation Tomcat 7.0.32
    cpe:2.3:a:apache:tomcat:7.0.32
  • Apache Software Foundation Tomcat 7.0.33
    cpe:2.3:a:apache:tomcat:7.0.33
  • Apache Software Foundation Tomcat 7.0.34
    cpe:2.3:a:apache:tomcat:7.0.34
  • Apache Software Foundation Tomcat 7.0.35
    cpe:2.3:a:apache:tomcat:7.0.35
  • Apache Software Foundation Tomcat 7.0.36
    cpe:2.3:a:apache:tomcat:7.0.36
  • Apache Software Foundation Tomcat 7.0.37
    cpe:2.3:a:apache:tomcat:7.0.37
  • Apache Software Foundation Tomcat 7.0.38
    cpe:2.3:a:apache:tomcat:7.0.38
  • Apache Software Foundation Tomcat 7.0.39
    cpe:2.3:a:apache:tomcat:7.0.39
  • Apache Software Foundation Tomcat 7.0.40
    cpe:2.3:a:apache:tomcat:7.0.40
  • Apache Software Foundation Tomcat 7.0.41
    cpe:2.3:a:apache:tomcat:7.0.41
  • Apache Software Foundation Tomcat 7.0.42
    cpe:2.3:a:apache:tomcat:7.0.42
  • Apache Software Foundation Tomcat 7.0.43
    cpe:2.3:a:apache:tomcat:7.0.43
  • Apache Software Foundation Tomcat 7.0.44
    cpe:2.3:a:apache:tomcat:7.0.44
  • Apache Software Foundation Tomcat 7.0.45
    cpe:2.3:a:apache:tomcat:7.0.45
  • Apache Software Foundation Tomcat 7.0.46
    cpe:2.3:a:apache:tomcat:7.0.46
  • Apache Software Foundation Tomcat 7.0.47
    cpe:2.3:a:apache:tomcat:7.0.47
  • Apache Software Foundation Tomcat 7.0.48
    cpe:2.3:a:apache:tomcat:7.0.48
  • Apache Software Foundation Tomcat 7.0.49
    cpe:2.3:a:apache:tomcat:7.0.49
  • Apache Software Foundation Tomcat 7.0.50
    cpe:2.3:a:apache:tomcat:7.0.50
  • Apache Software Foundation Tomcat 8.0.0 Release Candidate 1
    cpe:2.3:a:apache:tomcat:8.0.0:rc1
  • Apache Software Foundation Tomcat 8.0.0 release candidate 10
    cpe:2.3:a:apache:tomcat:8.0.0:rc10
  • Apache Software Foundation Tomcat 8.0.0 Release Candidate 2
    cpe:2.3:a:apache:tomcat:8.0.0:rc2
  • Apache Software Foundation Tomcat 8.0.0 release candidate 5
    cpe:2.3:a:apache:tomcat:8.0.0:rc5
  • Apache Software Foundation Tomcat 8.0.1
    cpe:2.3:a:apache:tomcat:8.0.1
CVSS
Base: 7.5 (as of 15-11-2016 - 12:04)
Impact:
Exploitability:
CWE CWE-264
CAPEC
  • Accessing, Modifying or Executing Executable Files
    An attack of this type exploits a system's configuration that allows an attacker to either directly access an executable file, for example through shell access; or in a possible worst case allows an attacker to upload a file and then execute it. Web servers, ftp servers, and message oriented middleware systems which have many integration points are particularly vulnerable, because both the programmers and the administrators must be in synch regarding the interfaces and the correct privileges for each interface.
  • Leverage Executable Code in Non-Executable Files
    An attack of this type exploits a system's trust in configuration and resource files, when the executable loads the resource (such as an image file or configuration file) the attacker has modified the file to either execute malicious code directly or manipulate the target process (e.g. application server) to execute based on the malicious configuration parameters. Since systems are increasingly interrelated mashing up resources from local and remote sources the possibility of this attack occurring is high. The attack can be directed at a client system, such as causing buffer overrun through loading seemingly benign image files, as in Microsoft Security Bulletin MS04-028 where specially crafted JPEG files could cause a buffer overrun once loaded into the browser. Another example targets clients reading pdf files. In this case the attacker simply appends javascript to the end of a legitimate url for a pdf (http://www.gnucitizen.org/blog/danger-danger-danger/) http://path/to/pdf/file.pdf#whatever_name_you_want=javascript:your_code_here The client assumes that they are reading a pdf, but the attacker has modified the resource and loaded executable javascript into the client's browser process. The attack can also target server processes. The attacker edits the resource or configuration file, for example a web.xml file used to configure security permissions for a J2EE app server, adding role name "public" grants all users with the public role the ability to use the administration functionality. The server trusts its configuration file to be correct, but when they are manipulated, the attacker gains full control.
  • Blue Boxing
    This type of attack against older telephone switches and trunks has been around for decades. A tone is sent by an adversary to impersonate a supervisor signal which has the effect of rerouting or usurping command of the line. While the US infrastructure proper may not contain widespread vulnerabilities to this type of attack, many companies are connected globally through call centers and business process outsourcing. These international systems may be operated in countries which have not upgraded Telco infrastructure and so are vulnerable to Blue boxing. Blue boxing is a result of failure on the part of the system to enforce strong authorization for administrative functions. While the infrastructure is different than standard current applications like web applications, there are historical lessons to be learned to upgrade the access control for administrative functions.
  • Restful Privilege Elevation
    Rest uses standard HTTP (Get, Put, Delete) style permissions methods, but these are not necessarily correlated generally with back end programs. Strict interpretation of HTTP get methods means that these HTTP Get services should not be used to delete information on the server, but there is no access control mechanism to back up this logic. This means that unless the services are properly ACL'd and the application's service implementation are following these guidelines then an HTTP request can easily execute a delete or update on the server side. The attacker identifies a HTTP Get URL such as http://victimsite/updateOrder, which calls out to a program to update orders on a database or other resource. The URL is not idempotent so the request can be submitted multiple times by the attacker, additionally, the attacker may be able to exploit the URL published as a Get method that actually performs updates (instead of merely retrieving data). This may result in malicious or inadvertent altering of data on the server.
  • Target Programs with Elevated Privileges
    This attack targets programs running with elevated privileges. The attacker would try to leverage a bug in the running program and get arbitrary code to execute with elevated privileges. For instance an attacker would look for programs that write to the system directories or registry keys (such as HKLM, which stores a number of critical Windows environment variables). These programs are typically running with elevated privileges and have usually not been designed with security in mind. Such programs are excellent exploit targets because they yield lots of power when they break. The malicious user try to execute its code at the same level as a privileged system call.
  • Manipulating Input to File System Calls
    An attacker manipulates inputs to the target software which the target software passes to file system calls in the OS. The goal is to gain access to, and perhaps modify, areas of the file system that the target software did not intend to be accessible.
Access
VectorComplexityAuthentication
NETWORK LOW NONE
Impact
ConfidentialityIntegrityAvailability
PARTIAL PARTIAL PARTIAL
exploit-db via4
description Apache Commons FileUpload and Apache Tomcat - Denial-of-Service. CVE-2014-0050. Dos exploits for multiple platform
id EDB-ID:31615
last seen 2016-02-03
modified 2014-02-12
published 2014-02-12
reporter Trustwave's SpiderLabs
source https://www.exploit-db.com/download/31615/
title Apache Commons FileUpload and Apache Tomcat - Denial-of-Service
metasploit via4
description This module triggers an infinite loop in Apache Commons FileUpload 1.0 through 1.3 via a specially crafted Content-Type header. Apache Tomcat 7 and Apache Tomcat 8 use a copy of FileUpload to handle mime-multipart requests, therefore, Apache Tomcat 7.0.0 through 7.0.50 and 8.0.0-RC1 through 8.0.1 are affected by this issue. Tomcat 6 also uses Commons FileUpload as part of the Manager application.
id MSF:AUXILIARY/DOS/HTTP/APACHE_COMMONS_FILEUPLOAD_DOS
last seen 2019-03-07
modified 2017-07-24
published 2014-02-22
reliability Normal
reporter Rapid7
source https://github.com/rapid7/metasploit-framework/blob/master/modules/auxiliary/dos/http/apache_commons_fileupload_dos.rb
title Apache Commons FileUpload and Apache Tomcat DoS
nessus via4
  • NASL family Oracle Linux Local Security Checks
    NASL id ORACLELINUX_ELSA-2014-0429.NASL
    description From Red Hat Security Advisory 2014:0429 : Updated tomcat6 packages that fix three security issues are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having Moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. Apache Tomcat is a servlet container for the Java Servlet and JavaServer Pages (JSP) technologies. It was found that when Tomcat processed a series of HTTP requests in which at least one request contained either multiple content-length headers, or one content-length header with a chunked transfer-encoding header, Tomcat would incorrectly handle the request. A remote attacker could use this flaw to poison a web cache, perform cross-site scripting (XSS) attacks, or obtain sensitive information from other requests. (CVE-2013-4286) It was discovered that the fix for CVE-2012-3544 did not properly resolve a denial of service flaw in the way Tomcat processed chunk extensions and trailing headers in chunked requests. A remote attacker could use this flaw to send an excessively long request that, when processed by Tomcat, could consume network bandwidth, CPU, and memory on the Tomcat server. Note that chunked transfer encoding is enabled by default. (CVE-2013-4322) A denial of service flaw was found in the way Apache Commons FileUpload handled small-sized buffers used by MultipartStream. A remote attacker could use this flaw to create a malformed Content-Type header for a multipart request, causing JBoss Web to enter an infinite loop when processing such an incoming request. (CVE-2014-0050) All Tomcat users are advised to upgrade to these updated packages, which contain backported patches to correct these issues. Tomcat must be restarted for this update to take effect.
    last seen 2019-02-21
    modified 2018-09-05
    plugin id 73677
    published 2014-04-24
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=73677
    title Oracle Linux 6 : tomcat6 (ELSA-2014-0429)
  • NASL family CGI abuses
    NASL id ORACLE_EIDS_CPU_OCT_2014.NASL
    description The remote host is running a version of Oracle Endeca Information Discovery Studio that may be missing a vendor-supplied security patch that fixes multiple bugs and OpenSSL related security vulnerabilities. Note that depending on how the remote host is configured, Nessus may not be able to detect the correct version. You'll need to manually verify that the remote host has not been patched.
    last seen 2019-02-21
    modified 2018-11-15
    plugin id 78603
    published 2014-10-21
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=78603
    title Oracle Endeca Information Discovery Studio Multiple Vulnerabilities (October 2014 CPU)
  • NASL family CGI abuses
    NASL id WEBSPHERE_PORTAL_8_0_0_1_CF12.NASL
    description The version of IBM WebSphere Portal on the remote host is affected by multiple vulnerabilities : - A denial of service vulnerability exists in the Apache Commons FileUpload library that allows an attacker to cause the application to enter an infinite loop. (CVE-2014-0050) - An unspecified denial of service vulnerability exists that allows a remote attacker to crash the host by sending a specially crafted web request. (CVE-2014-0949) - A cross-site scripting (XSS) vulnerability exists in the 'FilterForm.jsp' script due to improper user input validation. (CVE-2014-0951) - An XSS vulnerability exists in the 'boot_config.jsp' script due to improper user input validation. (CVE-2014-0952) - An unspecified XSS vulnerability exists due to improper validation of user input. (CVE-2014-0953) - A privilege escalation vulnerability exists in the Web Content Viewer portlet due to improper handling of JSP includes. A remote attacker can exploit this issue to obtain sensitive information, cause a denial of service, or control the request dispatcher by sending a specially crafted URL request. (CVE-2014-0954) - An XSS vulnerability exists in the Social Rendering feature due to improper validation of user input. Note that this only affects installs using IBM Connections with the Social Rendering feature. (CVE-2014-0955) - An unspecified XSS vulnerability exists due to improper validation of user input in a JSP script. (CVE-2014-0956) - An unspecified open redirect vulnerability exists that allows an attacker to perform a phishing attack by enticing a user to click on a malicious URL. (CVE-2014-0958) - An unspecified denial of service vulnerability exists that allows an authenticated attacker to cause a successful login to loop back to the login page indefinitely. (CVE-2014-0959) An attacker can exploit the XSS vulnerabilities to execute code in the security context of a user's browser in order to steal authentication cookies.
    last seen 2019-02-21
    modified 2018-11-15
    plugin id 74156
    published 2014-05-23
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=74156
    title IBM WebSphere Portal 8.x < 8.0.0.1 CF12 Multiple Vulnerabilities
  • NASL family Gentoo Local Security Checks
    NASL id GENTOO_GLSA-201412-29.NASL
    description The remote host is affected by the vulnerability described in GLSA-201412-29 (Apache Tomcat: Multiple vulnerabilities) Multiple vulnerabilities have been discovered in Tomcat. Please review the CVE identifiers referenced below for details. Impact : A remote attacker may be able to cause a Denial of Service condition as well as obtain sensitive information, bypass protection mechanisms and authentication restrictions. Workaround : There is no known workaround at this time.
    last seen 2019-02-21
    modified 2018-06-29
    plugin id 79982
    published 2014-12-15
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=79982
    title GLSA-201412-29 : Apache Tomcat: Multiple vulnerabilities
  • NASL family Web Servers
    NASL id WEBSPHERE_8_0_0_9.NASL
    description IBM WebSphere Application Server 8.0 prior to Fix Pack 9 is running on the remote host. It is, therefore, affected by the following vulnerabilities : - A cross-site scripting flaw exists within the Administration Console, where user input is improperly validated. This could allow a remote attacker, with a specially crafted request, to execute arbitrary script code within the browser / server trust relationship. (CVE-2013-6323, PI04777 and PI04880) - A denial of service flaw exists within the Global Security Kit when handling SSLv2 resumption during the SSL/TLS handshake. This could allow a remote attacker to crash the program. (CVE-2013-6329, PI05309) - A buffer overflow flaw exists in the HTTP server with the mod_dav module when using add-ons. This could allow a remote attacker to cause a buffer overflow and a denial of service. (CVE-2013-6438, PI09345) - A cross-site scripting flaw exists within OAuth where user input is not properly validated. This could allow a remote attacker, with a specially crafted request, to execute arbitrary script code within the browser / server trust relationship. (CVE-2013-6738, PI05661) - A denial of service flaw exists within the Global Security Kit when handling X.509 certificate chain during the initiation of a SSL/TLS connection. A remote attacker, using a malformed certificate chain, could cause the client or server to crash by hanging the Global Security Kit. (CVE-2013-6747, PI09443) - A denial of service flaw exists within the Apache Commons FileUpload when parsing a content-type header for a multipart request. A remote attacker, using a specially crafted request, could crash the program. (CVE-2014-0050, PI12648, PI12926 and PI13162) - A flaw exists in the Elliptic Curve Digital Signature Algorithm implementation which could allow a malicious process to recover ECDSA nonces. (CVE-2014-0076, PI19700) - A denial of service flaw exists in the 'mod_log_config' when logging a cookie with an unassigned value. A remote attacker, using a specially crafted request, can cause the program to crash. (CVE-2014-0098, PI13028) - An information disclosure flaw exists in the 'sun.security.rsa.RSAPadding' with 'PKCS#1' unpadding. This many allow a remote attacker to gain timing information intended to be protected by encryption. (CVE-2014-0453) - A flaw exists with 'com.sun.jndi.dns.DnsClient' related to the randomization of query IDs. This could allow a remote attacker to conduct spoofing attacks. (CVE-2014-0460) - A flaw exists in the Full and Liberty profiles. A remote attacker, using a specially crafted request, could gain access to arbitrary files. (CVE-2014-0823, PI05324) - An information disclosure flaw exists within the Administrative Console. This could allow a network attacker, using a specially crafted request, to gain privileged access. (CVE-2014-0857, PI07808) - A denial of service flaw exists in a web server plugin on servers configured to retry failed POST request. This could allow a remote attacker to crash the application. (CVE-2014-0859, PI08892) - An information disclosure flaw exists within Proxy and ODR servers. This could allow a remote attacker, using a specially crafted request, to gain access to potentially sensitive information. (CVE-2014-0891, PI09786) - A denial of service flaw exists within the IBM Security Access Manager for Web with the Reverse Proxy component. This could allow a remote attacker, using specially crafted TLS traffic, to cause the application on the system to become unresponsive. (CVE-2014-0963, PI17025) - An information disclosure flaw exists when handling SOAP responses. This could allow a remote attacker to potentially gain access to sensitive information. (CVE-2014-0965, PI11434) - An information disclosure flaw exists. A remote attacker, using a specially crafted URL, could gain access to potentially sensitive information. (CVE-2014-3022, PI09594)
    last seen 2019-02-21
    modified 2018-08-06
    plugin id 76995
    published 2014-08-04
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=76995
    title IBM WebSphere Application Server 8.0 < Fix Pack 9 Multiple Vulnerabilities
  • NASL family CGI abuses
    NASL id MYSQL_ENTERPRISE_MONITOR_2_3_17.NASL
    description According to its self-reported version, the MySQL Enterprise Monitor running on the remote host is affected by multiple vulnerabilities : - A flaw exists within 'MultipartStream.java' in Apache Commons FileUpload when parsing malformed Content-Type headers. A remote attacker, using a crafted header, can exploit this to cause an infinite loop, resulting in a denial of service. (CVE-2014-0050) - Security bypass flaws exist in the ParametersInterceptor and CookieInterceptor classes, within the included Apache Struts 2 component, which are due to a failure to properly restrict access to their getClass() methods. A remote attacker, using a crafted request, can exploit these flaws to manipulate the ClassLoader, thus allowing the execution of arbitrary code or modification of the session state. Note that vulnerabilities CVE-2014-0112 and CVE-2014-0116 occurred because the patches for CVE-2014-0094 and CVE-2014-0113, respectively, were not complete fixes. (CVE-2014-0094, CVE-2014-0112, CVE-2014-0113, CVE-2014-0116)
    last seen 2019-02-21
    modified 2018-11-15
    plugin id 83293
    published 2015-05-08
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=83293
    title MySQL Enterprise Monitor < 2.3.17 Multiple Vulnerabilities
  • NASL family Red Hat Local Security Checks
    NASL id REDHAT-RHSA-2014-0525.NASL
    description Updated tomcat6 packages that fix multiple security issues are now available for Red Hat JBoss Web Server 2.0.1 on Red Hat Enterprise Linux 5 and 6. The Red Hat Security Response Team has rated this update as having Moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. Red Hat JBoss Web Server is a fully integrated and certified set of components for hosting Java web applications. It is comprised of the Apache HTTP Server, the Apache Tomcat Servlet container, Apache Tomcat Connector (mod_jk), JBoss HTTP Connector (mod_cluster), Hibernate, and the Tomcat Native library. It was found that when Tomcat processed a series of HTTP requests in which at least one request contained either multiple content-length headers, or one content-length header with a chunked transfer-encoding header, Tomcat would incorrectly handle the request. A remote attacker could use this flaw to poison a web cache, perform cross-site scripting (XSS) attacks, or obtain sensitive information from other requests. (CVE-2013-4286) It was discovered that the fix for CVE-2012-3544 did not properly resolve a denial of service flaw in the way Tomcat processed chunk extensions and trailing headers in chunked requests. A remote attacker could use this flaw to send an excessively long request that, when processed by Tomcat, could consume network bandwidth, CPU, and memory on the Tomcat server. Note that chunked transfer encoding is enabled by default. (CVE-2013-4322) It was found that previous fixes in Tomcat 6 to path parameter handling introduced a regression that caused Tomcat to not properly disable URL rewriting to track session IDs when the disableURLRewriting option was enabled. A man-in-the-middle attacker could potentially use this flaw to hijack a user's session. (CVE-2014-0033) A denial of service flaw was found in the way Apache Commons FileUpload, which is embedded in Tomcat, handled small-sized buffers used by MultipartStream. A remote attacker could use this flaw to create a malformed Content-Type header for a multipart request, causing Tomcat to enter an infinite loop when processing such an incoming request. (CVE-2014-0050) All users of Red Hat JBoss Web Server 2.0.1 are advised to upgrade to these updated tomcat6 packages, which contain backported patches to correct these issues. The Red Hat JBoss Web Server process must be restarted for the update to take effect.
    last seen 2019-02-21
    modified 2018-11-10
    plugin id 76240
    published 2014-06-26
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=76240
    title RHEL 5 / 6 : JBoss Web Server (RHSA-2014:0525)
  • NASL family Windows
    NASL id STRUTS_2_3_16_1_WIN_LOCAL.NASL
    description This plugin has been deprecated and replaced by struts_2_3_16_1.nasl (plugin ID 117393).
    last seen 2019-02-21
    modified 2018-09-12
    plugin id 81105
    published 2015-01-30
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=81105
    title Apache Struts 2.0.0 < 2.3.16.1 Multiple Vulnerabilities (credentialed check) (Deprecated)
  • NASL family CGI abuses
    NASL id MYSQL_ENTERPRISE_MONITOR_3_0_11.NASL
    description According to its self-reported version, the MySQL Enterprise Monitor running on the remote host is affected by multiple vulnerabilities : - A flaw exists within 'MultipartStream.java' in Apache Commons FileUpload when parsing malformed Content-Type headers. A remote attacker, using a crafted header, can exploit this to cause an infinite loop, resulting in a denial of service. (CVE-2014-0050) - Security bypass flaws exist in the ParametersInterceptor and CookieInterceptor classes, within the included Apache Struts 2 component, which are due to a failure to properly restrict access to their getClass() methods. A remote attacker, using a crafted request, can exploit these flaws to manipulate the ClassLoader, thus allowing the execution of arbitrary code or modification of the session state. Note that vulnerabilities CVE-2014-0112 and CVE-2014-0116 occurred because the patches for CVE-2014-0094 and CVE-2014-0113, respectively, were not complete fixes. (CVE-2014-0094, CVE-2014-0112, CVE-2014-0113, CVE-2014-0116)
    last seen 2019-02-21
    modified 2018-11-15
    plugin id 83295
    published 2015-05-08
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=83295
    title MySQL Enterprise Monitor 3.0.x < 3.0.11 Multiple Vulnerabilities
  • NASL family Web Servers
    NASL id WEBSPHERE_8_5_5_2.NASL
    description IBM WebSphere Application Server 8.5 prior to Fix Pack 8.5.5.2 appears to be running on the remote host and is, therefore, potentially affected by the following vulnerabilities : - Numerous errors exist related to the included IBM SDK for Java (based on the Oracle JDK) that could allow denial of service attacks and information disclosure. (CVE-2013-5372, CVE-2013-5780, CVE-2013-5803) - User input validation errors exist related to the Administrative console and the Oauth component that could allow cross-site scripting attacks. (CVE-2013-6725 / PM98132, CVE-2013-6323 / PI04777, CVE-2013-6738 / PI05661) - An error exists due to a failure to properly handle by web services endpoint requests that could allow denial of service attacks. (CVE-2013-6325 / PM99450, PI08267) - An error exists in the included IBM Global Security Kit related to SSL handling that could allow denial of service attacks. (CVE-2013-6329 / PI05309) - A flaw exists with the 'mod_dav' module that is caused when tracking the length of CDATA that has leading white space. A remote attacker with a specially crafted DAV WRITE request can cause the service to stop responding. (CVE-2013-6438 / PI09345) - An error exists in the included IBM Global Security Kit related to malformed X.509 certificate chain handling that could allow denial of service attacks. (CVE-2013-6747 / PI09443) - An error exists in the included Apache Tomcat version related to handling 'Content-Type' HTTP headers and multipart requests such as file uploads that could allow denial of service attacks. (CVE-2014-0050 / PI12648, PI12926) - An unspecified error exists that could allow file disclosures to remote unauthenticated attackers. (CVE-2014-0823 / PI05324) - An unspecified error exists related to the Administrative console that could allow a security bypass. (CVE-2014-0857 / PI07808) - An error exists related to a web server plugin and retrying failed POST requests that could allow denial of service attacks. (CVE-2014-0859 / PI08892) - An error exists related to the Proxy and ODR components that could allow information disclosure. (CVE-2014-0891 / PI09786) - An unspecified error exists related to the 'Liberty Profile' that could allow information disclosure. (CVE-2014-0896 / PI10134)
    last seen 2019-02-21
    modified 2018-08-06
    plugin id 74235
    published 2014-05-29
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=74235
    title IBM WebSphere Application Server 8.5 < Fix Pack 8.5.5.2 Multiple Vulnerabilities
  • NASL family Scientific Linux Local Security Checks
    NASL id SL_20140423_TOMCAT6_ON_SL6_X.NASL
    description It was found that when Tomcat processed a series of HTTP requests in which at least one request contained either multiple content-length headers, or one content-length header with a chunked transfer-encoding header, Tomcat would incorrectly handle the request. A remote attacker could use this flaw to poison a web cache, perform cross-site scripting (XSS) attacks, or obtain sensitive information from other requests. (CVE-2013-4286) It was discovered that the fix for CVE-2012-3544 did not properly resolve a denial of service flaw in the way Tomcat processed chunk extensions and trailing headers in chunked requests. A remote attacker could use this flaw to send an excessively long request that, when processed by Tomcat, could consume network bandwidth, CPU, and memory on the Tomcat server. Note that chunked transfer encoding is enabled by default. (CVE-2013-4322) A denial of service flaw was found in the way Apache Commons FileUpload handled small-sized buffers used by MultipartStream. A remote attacker could use this flaw to create a malformed Content-Type header for a multipart request, causing JBoss Web to enter an infinite loop when processing such an incoming request. (CVE-2014-0050) Tomcat must be restarted for this update to take effect.
    last seen 2019-02-21
    modified 2018-12-28
    plugin id 73679
    published 2014-04-24
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=73679
    title Scientific Linux Security Update : tomcat6 on SL6.x (noarch)
  • NASL family VMware ESX Local Security Checks
    NASL id VMWARE_VMSA-2014-0008.NASL
    description a. vCenter Server Apache Struts Update The Apache Struts library is updated to address a security issue. This issue may lead to remote code execution after authentication. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the identifier CVE-2014-0114 to this issue. b. vCenter Server tc-server 2.9.5 / Apache Tomcat 7.0.52 updates tc-server has been updated to version 2.9.5 to address multiple security issues. This version of tc-server includes Apache Tomcat 7.0.52. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the identifiers CVE-2013-4590, CVE-2013-4322, and CVE-2014-0050 to these issues. c. Update to ESXi glibc package glibc is updated to address multiple security issues. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the identifiers CVE-2013-0242 and CVE-2013-1914 to these issues. d. vCenter and Update Manager, Oracle JRE 1.7 Update 55 Oracle has documented the CVE identifiers that are addressed in JRE 1.7.0 update 55 in the Oracle Java SE Critical Patch Update Advisory of April 2014. The References section provides a link to this advisory.
    last seen 2019-02-21
    modified 2018-08-06
    plugin id 77630
    published 2014-09-11
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=77630
    title VMSA-2014-0008 : VMware vSphere product updates to third-party libraries
  • NASL family Misc.
    NASL id VCENTER_OPERATIONS_MANAGER_VMSA_2014-0007.NASL
    description The version of vCenter Operations Manager installed on the remote host is prior to 5.8.2. It is, therefore, affected by the following vulnerabilities : - An error exists in the included Apache Tomcat version related to handling 'Content-Type' HTTP headers and multipart requests such as file uploads that could allow denial of service attacks. (CVE-2014-0050) - A security bypass error exists due to the included Apache Struts2 component, allowing manipulation of the ClassLoader via the 'class' parameter, which is directly mapped to the getClass() method. A remote, unauthenticated attacker can take advantage of this issue to manipulate the ClassLoader used by the application server, allowing for the bypass of certain security restrictions. Note that CVE-2014-0112 exists because CVE-2014-0094 was not a complete fix. (CVE-2014-0094, CVE-2014-0112)
    last seen 2019-02-21
    modified 2018-08-06
    plugin id 76388
    published 2014-07-07
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=76388
    title VMware vCenter Operations Management Suite Multiple Vulnerabilities (VMSA-2014-0007)
  • NASL family Web Servers
    NASL id WEBSPHERE_7_0_0_33.NASL
    description IBM WebSphere Application Server 7.0 prior to Fix Pack 33 is running on the remote host. It is, therefore, affected by the following vulnerabilities : - A cross-site scripting flaw exists within the Administration Console, where user input is improperly validated. This could allow a remote attacker, with a specially crafted request, to execute arbitrary script code within the browser / server trust relationship. (CVE-2013-6323, PI04777 and PI04880) - A denial of service flaw exists within the Global Security Kit when handling SSLv2 resumption during the SSL/TLS handshake. This could allow a remote attacker to crash the program. (CVE-2013-6329, PI05309) - A buffer overflow flaw exists in the HTTP server with the mod_dav module when using add-ons. This could allow a remote attacker to cause a buffer overflow and a denial of service. (CVE-2013-6438, PI09345) - A cross-site scripting flaw exists within OAuth where user input is not properly validated. This could allow a remote attacker, with a specially crafted request, to execute arbitrary script code within the browser / server trust relationship. (CVE-2013-6738, PI05661) - A denial of service flaw exists within the Global Security Kit when handling X.509 certificate chain during the initiation of an SSL/TLS connection. A remote attacker, using a malformed certificate chain, could cause the client or server to crash by hanging the Global Security Kit. (CVE-2013-6747, PI09443) - A denial of service flaw exists within the Apache Commons FileUpload when parsing a content-type header for a multipart request. A remote attacker, using a specially crafted request, could crash the program. (CVE-2014-0050, PI12648, PI12926 and PI13162) - A denial of service flaw exists in the 'mod_log_config' when logging a cookie with an unassigned value. A remote attacker, using a specially crafted request, can cause the program to crash. (CVE-2014-0098, PI13028) - A remote code execution flaw exists with Apache Struts. The failure to restrict setting of Class loader attributes could allow a remote attacker to execute arbitrary script code. (CVE-2014-0114, PI17190) - An information disclosure flaw exists in the 'sun.security.rsa.RSAPadding' with 'PKCS#1' unpadding. This many allow a remote attacker to gain timing information intended to be protected by encryption. (CVE-2014-0453) - A flaw exists within 'com.sun.jndi.dns.DnsClient' related to the randomization of query IDs. This could allow a remote attacker to conduct spoofing attacks. (CVE-2014-0460) - A denial of service flaw exists in a web server plugin on servers configured to retry failed POST request. This could allow a remote attacker to crash the application. (CVE-2014-0859, PI08892) - A flaw exists with the 'IBMJCE' and 'IBMSecureRandom' cryptographic providers by generating numbers in a predictable manner. This could allow a remote attacker to easily guess the output of the random number generator. (CVE-2014-0878) - An information disclosure flaw exists within Proxy and ODR servers. This could allow a remote attacker, using a specially crafted request, to gain access to potentially sensitive information. (CVE-2014-0891, PI09786) - A denial of service flaw exists within the IBM Security Access Manager for Web with the Reverse Proxy component. This could allow a remote attacker, using specially crafted TLS traffic, to cause the application on the system to become unresponsive. (CVE-2014-0963, PI17025) - An information disclosure flaw exists when handling SOAP responses. This could allow a remote attacker to potentially gain access to sensitive information. (CVE-2014-0965, PI11434) - An information disclosure flaw exists. A remote attacker, using a specially crafted URL, could gain access to potentially sensitive information. (CVE-2014-3022, PI09594)
    last seen 2019-02-21
    modified 2018-08-06
    plugin id 76967
    published 2014-08-01
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=76967
    title IBM WebSphere Application Server 7.0 < Fix Pack 33 Multiple Vulnerabilities
  • NASL family Misc.
    NASL id STRUTS_2_3_16_1.NASL
    description The version of Apache Struts running on the remote host is 2.x prior to 2.3.16.1. It, therefore, is affected by multiple vulnerabilities including a denial of service (DoS) vulnerability and a ClassLoader manipulation flaw. Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.
    last seen 2019-02-21
    modified 2019-02-15
    plugin id 117393
    published 2018-09-10
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=117393
    title Apache Struts 2.x < 2.3.16.1 Multiple Vulnerabilities (S2-020)
  • NASL family Databases
    NASL id ORACLE_RDBMS_CPU_OCT_2014.NASL
    description The remote Oracle database server is missing the October 2014 Critical Patch Update (CPU). It is, therefore, affected by security issues in the following components : - Application Express - Core RDBMS - Java VM - JDBC - JPublisher - SQLJ
    last seen 2019-02-21
    modified 2018-11-15
    plugin id 78540
    published 2014-10-17
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=78540
    title Oracle Database Multiple Vulnerabilities (October 2014 CPU)
  • NASL family Misc.
    NASL id VMWARE_VCENTER_VMSA-2014-0008.NASL
    description The VMware vCenter Server installed on the remote host is version 5.0 prior to Update 3c, 5.1 prior to Update 3, or 5.5 prior to Update 2. It is, therefore, affected by multiple vulnerabilities in third party libraries : - The bundled version of Apache Struts contains a code execution flaw. Note that 5.0 Update 3c only addresses this vulnerability. (CVE-2014-0114) - The bundled tc-server / Apache Tomcat contains multiple vulnerabilities. (CVE-2013-4590, CVE-2013-4322, and CVE-2014-0050) - The bundled version of Oracle JRE is prior to 1.7.0_55 and thus is affected by multiple vulnerabilities. Note that this only affects version 5.5 of vCenter.
    last seen 2019-02-21
    modified 2018-11-15
    plugin id 77728
    published 2014-09-17
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=77728
    title VMware Security Updates for vCenter Server (VMSA-2014-0008)
  • NASL family Ubuntu Local Security Checks
    NASL id UBUNTU_USN-2130-1.NASL
    description It was discovered that Tomcat incorrectly handled certain inconsistent HTTP headers. A remote attacker could possibly use this flaw to conduct request smuggling attacks. (CVE-2013-4286) It was discovered that Tomcat incorrectly handled certain requests submitted using chunked transfer encoding. A remote attacker could use this flaw to cause the Tomcat server to stop responding, resulting in a denial of service. (CVE-2013-4322) It was discovered that Tomcat incorrectly applied the disableURLRewriting setting when handling a session id in a URL. A remote attacker could possibly use this flaw to conduct session fixation attacks. This issue only applied to Ubuntu 12.04 LTS. (CVE-2014-0033) It was discovered that Tomcat incorrectly handled malformed Content-Type headers and multipart requests. A remote attacker could use this flaw to cause the Tomcat server to stop responding, resulting in a denial of service. This issue only applied to Ubuntu 12.10 and Ubuntu 13.10. (CVE-2014-0050). Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2018-12-01
    plugin id 72874
    published 2014-03-07
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=72874
    title Ubuntu 10.04 LTS / 12.04 LTS / 12.10 / 13.10 : tomcat6, tomcat7 vulnerabilities (USN-2130-1)
  • NASL family Fedora Local Security Checks
    NASL id FEDORA_2014-2175.NASL
    description This update fixes a denial of service vulnerability which could be triggered by specially crafted input if the buffer used by the MultipartSteeam was not big enough. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2015-11-06
    plugin id 72544
    published 2014-02-18
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=72544
    title Fedora 20 : apache-commons-fileupload-1.3-5.fc20 (2014-2175)
  • NASL family F5 Networks Local Security Checks
    NASL id F5_BIGIP_SOL15189.NASL
    description MultipartStream.java in Apache Commons FileUpload before 1.3.1, as used in Apache Tomcat, JBoss Web, and other products, allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via a crafted Content-Type header that bypasses a loop's intended exit conditions. (CVE-2014-0050)
    last seen 2019-02-21
    modified 2019-01-04
    plugin id 78165
    published 2014-10-10
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=78165
    title F5 Networks BIG-IP : Apache Commons FileUpload vulnerability (K15189)
  • NASL family Mandriva Local Security Checks
    NASL id MANDRIVA_MDVSA-2015-084.NASL
    description Updated tomcat package fixes security vulnerabilities : It was discovered that the Apache Commons FileUpload package for Java could enter an infinite loop while processing a multipart request with a crafted Content-Type, resulting in a denial-of-service condition (CVE-2014-0050). Apache Tomcat 7.x before 7.0.50 processes chunked transfer coding without properly handling (1) a large total amount of chunked data or (2) whitespace characters in an HTTP header value within a trailer field, which allows remote attackers to cause a denial of service by streaming data (CVE-2013-4322). Apache Tomcat 7.x before 7.0.50 allows attackers to obtain Tomcat internals information by leveraging the presence of an untrusted web application with a context.xml, web.xml, *.jspx, *.tagx, or *.tld XML document containing an external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue (CVE-2013-4590). Integer overflow in the parseChunkHeader function in java/org/apache/coyote/http11/filters/ChunkedInputFilter.java in Apache Tomcat before 6.0.40 and 7.x before 7.0.53 allows remote attackers to cause a denial of service (resource consumption) via a malformed chunk size in chunked transfer coding of a request during the streaming of data (CVE-2014-0075). java/org/apache/catalina/servlets/DefaultServlet.java in the default servlet in Apache Tomcat before 6.0.40 and 7.x before 7.0.53 does not properly restrict XSLT stylesheets, which allows remote attackers to bypass security-manager restrictions and read arbitrary files via a crafted web application that provides an XML external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue (CVE-2014-0096). Integer overflow in java/org/apache/tomcat/util/buf/Ascii.java in Apache Tomcat before 6.0.40 and 7.x before 7.0.53, when operated behind a reverse proxy, allows remote attackers to conduct HTTP request smuggling attacks via a crafted Content-Length HTTP header (CVE-2014-0099). Apache Tomcat before 6.0.40 and 7.x before 7.0.54 does not properly constrain the class loader that accesses the XML parser used with an XSLT stylesheet, which allows remote attackers to read arbitrary files via a crafted web application that provides an XML external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue, or read files associated with different web applications on a single Tomcat instance via a crafted web application (CVE-2014-0119). In Apache Tomcat 7.x before 7.0.55, it was possible to craft a malformed chunk as part of a chunked request that caused Tomcat to read part of the request body as a new request (CVE-2014-0227).
    last seen 2019-02-21
    modified 2018-07-19
    plugin id 82337
    published 2015-03-30
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=82337
    title Mandriva Linux Security Advisory : tomcat (MDVSA-2015:084)
  • NASL family Misc.
    NASL id VMWARE_ORCHESTRATOR_APPLIANCE_VMSA_2014_0007.NASL
    description The version of VMware vCenter Orchestrator Appliance installed on the remote host is 5.5.x prior to 5.5.2. It is, therefore, affected by a denial of service vulnerability due to an error that exists in the included Apache Tomcat version related to handling 'Content-Type' HTTP headers and multipart requests.
    last seen 2019-02-21
    modified 2018-11-15
    plugin id 78670
    published 2014-10-24
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=78670
    title VMware vCenter Orchestrator Appliance 5.5.x < 5.5.2 DoS (VMSA-2014-0007)
  • NASL family Web Servers
    NASL id TOMCAT_7_0_52.NASL
    description According to its self-reported version number, the instance of Apache Tomcat 7.0.x listening on the remote host is prior to 7.0.52. It is, therefore, affected by an error related to handling 'Content-Type' HTTP headers and multipart requests such as file uploads. Note that this error exists because of the bundled version of Apache Commons FileUpload. Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.
    last seen 2019-02-21
    modified 2018-08-03
    plugin id 72692
    published 2014-02-25
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=72692
    title Apache Tomcat 7.0.x < 7.0.52 Content-Type DoS
  • NASL family Amazon Linux Local Security Checks
    NASL id ALA_ALAS-2014-312.NASL
    description MultipartStream.java in Apache Commons FileUpload before 1.3.1, as used in Apache Tomcat, JBoss Web, and other products, allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via a crafted Content-Type header that bypasses a loop's intended exit conditions.
    last seen 2019-02-21
    modified 2018-04-18
    plugin id 73231
    published 2014-03-28
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=73231
    title Amazon Linux AMI : tomcat7 (ALAS-2014-312)
  • NASL family Fedora Local Security Checks
    NASL id FEDORA_2014-2183.NASL
    description This update fixes a denial of service vulnerability which could be triggered by specially crafted input if the buffer used by the MultipartSteeam was not big enough. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2015-11-06
    plugin id 72545
    published 2014-02-18
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=72545
    title Fedora 19 : apache-commons-fileupload-1.3-5.fc19 (2014-2183)
  • NASL family Red Hat Local Security Checks
    NASL id REDHAT-RHSA-2014-0526.NASL
    description Updated tomcat7 packages that fix three security issues are now available for Red Hat JBoss Web Server 2.0.1 on Red Hat Enterprise Linux 5 and 6. The Red Hat Security Response Team has rated this update as having Moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. Red Hat JBoss Web Server is a fully integrated and certified set of components for hosting Java web applications. It is comprised of the Apache HTTP Server, the Apache Tomcat Servlet container, Apache Tomcat Connector (mod_jk), JBoss HTTP Connector (mod_cluster), Hibernate, and the Tomcat Native library. It was found that when Tomcat processed a series of HTTP requests in which at least one request contained either multiple content-length headers, or one content-length header with a chunked transfer-encoding header, Tomcat would incorrectly handle the request. A remote attacker could use this flaw to poison a web cache, perform cross-site scripting (XSS) attacks, or obtain sensitive information from other requests. (CVE-2013-4286) It was discovered that the fix for CVE-2012-3544 did not properly resolve a denial of service flaw in the way Tomcat processed chunk extensions and trailing headers in chunked requests. A remote attacker could use this flaw to send an excessively long request that, when processed by Tomcat, could consume network bandwidth, CPU, and memory on the Tomcat server. Note that chunked transfer encoding is enabled by default. (CVE-2013-4322) A denial of service flaw was found in the way Apache Commons FileUpload, which is embedded in Tomcat, handled small-sized buffers used by MultipartStream. A remote attacker could use this flaw to create a malformed Content-Type header for a multipart request, causing Tomcat to enter an infinite loop when processing such an incoming request. (CVE-2014-0050) All users of Red Hat JBoss Web Server 2.0.1 are advised to upgrade to these updated tomcat7 packages, which contain backported patches to correct these issues. The Red Hat JBoss Web Server process must be restarted for the update to take effect.
    last seen 2019-02-21
    modified 2018-11-10
    plugin id 76241
    published 2014-06-26
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=76241
    title RHEL 5 / 6 : JBoss Web Server (RHSA-2014:0526)
  • NASL family Red Hat Local Security Checks
    NASL id REDHAT-RHSA-2014-0429.NASL
    description Updated tomcat6 packages that fix three security issues are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having Moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. Apache Tomcat is a servlet container for the Java Servlet and JavaServer Pages (JSP) technologies. It was found that when Tomcat processed a series of HTTP requests in which at least one request contained either multiple content-length headers, or one content-length header with a chunked transfer-encoding header, Tomcat would incorrectly handle the request. A remote attacker could use this flaw to poison a web cache, perform cross-site scripting (XSS) attacks, or obtain sensitive information from other requests. (CVE-2013-4286) It was discovered that the fix for CVE-2012-3544 did not properly resolve a denial of service flaw in the way Tomcat processed chunk extensions and trailing headers in chunked requests. A remote attacker could use this flaw to send an excessively long request that, when processed by Tomcat, could consume network bandwidth, CPU, and memory on the Tomcat server. Note that chunked transfer encoding is enabled by default. (CVE-2013-4322) A denial of service flaw was found in the way Apache Commons FileUpload handled small-sized buffers used by MultipartStream. A remote attacker could use this flaw to create a malformed Content-Type header for a multipart request, causing JBoss Web to enter an infinite loop when processing such an incoming request. (CVE-2014-0050) All Tomcat users are advised to upgrade to these updated packages, which contain backported patches to correct these issues. Tomcat must be restarted for this update to take effect.
    last seen 2019-02-21
    modified 2018-11-10
    plugin id 73678
    published 2014-04-24
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=73678
    title RHEL 6 : tomcat6 (RHSA-2014:0429)
  • NASL family Scientific Linux Local Security Checks
    NASL id SL_20140709_TOMCAT6_ON_SL6_X.NASL
    description It was discovered that Apache Tomcat did not limit the length of chunk sizes when using chunked transfer encoding. A remote attacker could use this flaw to perform a denial of service attack against Tomcat by streaming an unlimited quantity of data, leading to excessive consumption of server resources. (CVE-2014-0075) It was found that Apache Tomcat did not check for overflowing values when parsing request content length headers. A remote attacker could use this flaw to perform an HTTP request smuggling attack on a Tomcat server located behind a reverse proxy that processed the content length header correctly. (CVE-2014-0099) It was found that the org.apache.catalina.servlets.DefaultServlet implementation in Apache Tomcat allowed the definition of XML External Entities (XXEs) in provided XSLTs. A malicious application could use this to circumvent intended security restrictions to disclose sensitive information. (CVE-2014-0096) This update also fixes the following bugs : - The patch that resolved the CVE-2014-0050 issue contained redundant code. This update removes the redundant code. - The patch that resolved the CVE-2013-4322 issue contained an invalid check that triggered a java.io.EOFException while reading trailer headers for chunked requests. This update fixes the check and the aforementioned exception is no longer triggered in the described scenario. Tomcat must be restarted for this update to take effect.
    last seen 2019-02-21
    modified 2018-12-28
    plugin id 76450
    published 2014-07-10
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=76450
    title Scientific Linux Security Update : tomcat6 on SL6.x i386/srpm/x86_64
  • NASL family Windows
    NASL id ORACLE_WEBCENTER_SITES_APR_2015_CPU.NASL
    description The Oracle WebCenter Sites installed on the remote host is missing patches from the April 2015 CPU. It is, therefore, affected by multiple vulnerabilities : - A flaw exists within 'MultipartStream.java' in Apache Commons FileUpload when parsing malformed Content-Type headers. A remote attacker, using a crafted header, can exploit this to cause an infinite loop, resulting in a denial of service. (CVE-2014-0050) - ParametersInterceptor in Apache Struts does not properly restrict access to the getClass method. A remote attacker, using a crafted request, can exploit this to manipulate the ClassLoader, thus allowing the execution of arbitrary code. (CVE-2014-0112)
    last seen 2019-02-21
    modified 2018-11-15
    plugin id 83469
    published 2015-05-14
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=83469
    title Oracle WebCenter Sites Multiple Vulnerabilities (April 2015 CPU)
  • NASL family CGI abuses
    NASL id WEBSPHERE_PORTAL_CVE-2014-0050.NASL
    description The version of IBM WebSphere Portal on the remote host is affected by a denial of service vulnerability in the Apache Commons FileUpload library that allows an attacker to cause the application to enter an infinite loop.
    last seen 2019-02-21
    modified 2018-08-06
    plugin id 74293
    published 2014-06-03
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=74293
    title IBM WebSphere Portal Apache Commons FileUpload DoS
  • NASL family Mandriva Local Security Checks
    NASL id MANDRIVA_MDVSA-2014-056.NASL
    description Updated apache-commons-fileupload packages fix security vulnerability : It was discovered that the Apache Commons FileUpload package for Java could enter an infinite loop while processing a multipart request with a crafted Content-Type, resulting in a denial-of-service condition (CVE-2014-0050). Tomcat 7 includes an embedded copy of the Apache Commons FileUpload package, and was affected as well. Additionally a build problem with maven was discovered, fixed maven packages is also being provided with this advisory.
    last seen 2019-02-21
    modified 2018-07-19
    plugin id 73003
    published 2014-03-14
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=73003
    title Mandriva Linux Security Advisory : apache-commons-fileupload (MDVSA-2014:056)
  • NASL family Debian Local Security Checks
    NASL id DEBIAN_DSA-2897.NASL
    description Multiple security issues were found in the Tomcat servlet and JSP engine : - CVE-2013-2067 FORM authentication associates the most recent request requiring authentication with the current session. By repeatedly sending a request for an authenticated resource while the victim is completing the login form, an attacker could inject a request that would be executed using the victim's credentials. - CVE-2013-2071 A runtime exception in AsyncListener.onComplete() prevents the request from being recycled. This may expose elements of a previous request to a current request. - CVE-2013-4286 Reject requests with multiple content-length headers or with a content-length header when chunked encoding is being used. - CVE-2013-4322 When processing a request submitted using the chunked transfer encoding, Tomcat ignored but did not limit any extensions that were included. This allows a client to perform a limited denial of service by streaming an unlimited amount of data to the server. - CVE-2014-0050 Multipart requests with a malformed Content-Type header could trigger an infinite loop causing a denial of service.
    last seen 2019-02-21
    modified 2018-11-10
    plugin id 73421
    published 2014-04-09
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=73421
    title Debian DSA-2897-1 : tomcat7 - security update
  • NASL family SuSE Local Security Checks
    NASL id SUSE_11_JAKARTA-COMMONS-FILEUPLOAD-140403.NASL
    description This update fixes a security issue with jakarta-commons-fileupload : - denial of service due to too-small buffer size used (CVE-2014-0050). (bnc#862781)
    last seen 2019-02-21
    modified 2015-01-13
    plugin id 73609
    published 2014-04-18
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=73609
    title SuSE 11.3 Security Update : jakarta-commons-fileupload (SAT Patch Number 9087)
  • NASL family CentOS Local Security Checks
    NASL id CENTOS_RHSA-2014-0429.NASL
    description Updated tomcat6 packages that fix three security issues are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having Moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. Apache Tomcat is a servlet container for the Java Servlet and JavaServer Pages (JSP) technologies. It was found that when Tomcat processed a series of HTTP requests in which at least one request contained either multiple content-length headers, or one content-length header with a chunked transfer-encoding header, Tomcat would incorrectly handle the request. A remote attacker could use this flaw to poison a web cache, perform cross-site scripting (XSS) attacks, or obtain sensitive information from other requests. (CVE-2013-4286) It was discovered that the fix for CVE-2012-3544 did not properly resolve a denial of service flaw in the way Tomcat processed chunk extensions and trailing headers in chunked requests. A remote attacker could use this flaw to send an excessively long request that, when processed by Tomcat, could consume network bandwidth, CPU, and memory on the Tomcat server. Note that chunked transfer encoding is enabled by default. (CVE-2013-4322) A denial of service flaw was found in the way Apache Commons FileUpload handled small-sized buffers used by MultipartStream. A remote attacker could use this flaw to create a malformed Content-Type header for a multipart request, causing JBoss Web to enter an infinite loop when processing such an incoming request. (CVE-2014-0050) All Tomcat users are advised to upgrade to these updated packages, which contain backported patches to correct these issues. Tomcat must be restarted for this update to take effect.
    last seen 2019-02-21
    modified 2018-11-10
    plugin id 73675
    published 2014-04-24
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=73675
    title CentOS 6 : tomcat6 (CESA-2014:0429)
  • NASL family SuSE Local Security Checks
    NASL id OPENSUSE-2014-297.NASL
    description This jakarta-commons-fileupload update fixes the follwoing security and non security issues : - bnc#862781: Fixed buffer overflow and resulting DoS (CVE-2014-0050). - Removed gcj part and deprecated macros. - Moved from jpackage-utils to javapackage-tools.
    last seen 2019-02-21
    modified 2018-11-10
    plugin id 75324
    published 2014-06-13
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=75324
    title openSUSE Security Update : jakarta-commons-fileupload (openSUSE-SU-2014:0528-1)
  • NASL family Web Servers
    NASL id TOMCAT_8_0_3.NASL
    description According to its self-reported version number, the instance of Apache Tomcat 8.0.x listening on the remote host is a version prior to 8.0.3. It is, therefore, affected by a denial of service vulnerability due to an error related to handling 'Content-Type' HTTP headers and multipart requests such as file uploads. Note that this error exists because of the bundled version of Apache Commons FileUpload. Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.
    last seen 2019-02-21
    modified 2018-08-03
    plugin id 72693
    published 2014-02-25
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=72693
    title Apache Tomcat 8.0.x < 8.0.3 Content-Type DoS
  • NASL family Red Hat Local Security Checks
    NASL id REDHAT-RHSA-2014-0253.NASL
    description Updated Red Hat JBoss Enterprise Application Platform 6.2.1 packages that fix one security issue are now available for Red Hat Enterprise Linux 5 and 6. The Red Hat Security Response Team has rated this update as having Moderate security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section. Red Hat JBoss Enterprise Application Platform 6 is a platform for Java applications based on JBoss Application Server 7. A denial of service flaw was found in the way Apache Commons FileUpload, which is embedded in the JBoss Web component of JBoss EAP, handled small-sized buffers used by MultipartStream. A remote attacker could use this flaw to create a malformed Content-Type header for a multipart request, causing JBoss Web to enter an infinite loop when processing such an incoming request. (CVE-2014-0050) Warning: Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications. All users of Red Hat JBoss Enterprise Application Platform 6.2.1 on Red Hat Enterprise Linux 5 and 6 are advised to upgrade to these updated packages. The JBoss server process must be restarted for the update to take effect.
    last seen 2019-02-21
    modified 2018-12-27
    plugin id 72853
    published 2014-03-06
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=72853
    title RHEL 5 / 6 : JBoss EAP (RHSA-2014:0253)
  • NASL family SuSE Local Security Checks
    NASL id OPENSUSE-2014-298.NASL
    description This jakarta-commons-fileupload update fixes the follwoing security issue : - bnc#862781: Fixed buffer overflow and resulting DoS (CVE-2014-0050).
    last seen 2019-02-21
    modified 2018-11-10
    plugin id 75325
    published 2014-06-13
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=75325
    title openSUSE Security Update : jakarta-commons-fileupload (openSUSE-SU-2014:0527-1)
  • NASL family Debian Local Security Checks
    NASL id DEBIAN_DSA-2856.NASL
    description It was discovered that the Apache Commons FileUpload package for Java could enter an infinite loop while processing a multipart request with a crafted Content-Type, resulting in a denial-of-service condition.
    last seen 2019-02-21
    modified 2018-11-10
    plugin id 72401
    published 2014-02-10
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=72401
    title Debian DSA-2856-1 : libcommons-fileupload-java - denial of service
  • NASL family Amazon Linux Local Security Checks
    NASL id ALA_ALAS-2014-344.NASL
    description It was found that when Tomcat processed a series of HTTP requests in which at least one request contained either multiple content-length headers, or one content-length header with a chunked transfer-encoding header, Tomcat would incorrectly handle the request. A remote attacker could use this flaw to poison a web cache, perform cross-site scripting (XSS) attacks, or obtain sensitive information from other requests. (CVE-2013-4286) It was discovered that the fix for CVE-2012-3544 did not properly resolve a denial of service flaw in the way Tomcat processed chunk extensions and trailing headers in chunked requests. A remote attacker could use this flaw to send an excessively long request that, when processed by Tomcat, could consume network bandwidth, CPU, and memory on the Tomcat server. Note that chunked transfer encoding is enabled by default. (CVE-2013-4322) A denial of service flaw was found in the way Apache Commons FileUpload handled small-sized buffers used by MultipartStream. A remote attacker could use this flaw to create a malformed Content-Type header for a multipart request, causing JBoss Web to enter an infinite loop when processing such an incoming request. (CVE-2014-0050)
    last seen 2019-02-21
    modified 2018-06-29
    plugin id 78287
    published 2014-10-12
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=78287
    title Amazon Linux AMI : tomcat6 (ALAS-2014-344)
  • NASL family Misc.
    NASL id VMWARE_ORCHESTRATOR_VMSA_2014_0007.NASL
    description The version of VMware vCenter Orchestrator installed on the remote host is 5.5.x prior to 5.5.2. It is, therefore, affected by a denial of service vulnerability due to an error that exists in the included Apache Tomcat version related to handling 'Content-Type' HTTP headers and multipart requests.
    last seen 2019-02-21
    modified 2018-11-15
    plugin id 78671
    published 2014-10-24
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=78671
    title VMware vCenter Orchestrator 5.5.x < 5.5.2 DoS (VMSA-2014-0007)
redhat via4
advisories
  • bugzilla
    id 1069921
    title CVE-2013-4286 tomcat: multiple content-length header poisoning flaws
    oval
    AND
    • OR
      • comment Red Hat Enterprise Linux 6 Client is installed
        oval oval:com.redhat.rhba:tst:20111656001
      • comment Red Hat Enterprise Linux 6 Server is installed
        oval oval:com.redhat.rhba:tst:20111656002
      • comment Red Hat Enterprise Linux 6 Workstation is installed
        oval oval:com.redhat.rhba:tst:20111656003
      • comment Red Hat Enterprise Linux 6 ComputeNode is installed
        oval oval:com.redhat.rhba:tst:20111656004
    • OR
      • AND
        • comment tomcat6 is earlier than 0:6.0.24-64.el6_5
          oval oval:com.redhat.rhsa:tst:20140429005
        • comment tomcat6 is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20110335006
      • AND
        • comment tomcat6-admin-webapps is earlier than 0:6.0.24-64.el6_5
          oval oval:com.redhat.rhsa:tst:20140429007
        • comment tomcat6-admin-webapps is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20110335022
      • AND
        • comment tomcat6-docs-webapp is earlier than 0:6.0.24-64.el6_5
          oval oval:com.redhat.rhsa:tst:20140429011
        • comment tomcat6-docs-webapp is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20110335020
      • AND
        • comment tomcat6-el-2.1-api is earlier than 0:6.0.24-64.el6_5
          oval oval:com.redhat.rhsa:tst:20140429019
        • comment tomcat6-el-2.1-api is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20110335024
      • AND
        • comment tomcat6-javadoc is earlier than 0:6.0.24-64.el6_5
          oval oval:com.redhat.rhsa:tst:20140429021
        • comment tomcat6-javadoc is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20110335012
      • AND
        • comment tomcat6-jsp-2.1-api is earlier than 0:6.0.24-64.el6_5
          oval oval:com.redhat.rhsa:tst:20140429009
        • comment tomcat6-jsp-2.1-api is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20110335008
      • AND
        • comment tomcat6-lib is earlier than 0:6.0.24-64.el6_5
          oval oval:com.redhat.rhsa:tst:20140429013
        • comment tomcat6-lib is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20110335018
      • AND
        • comment tomcat6-servlet-2.5-api is earlier than 0:6.0.24-64.el6_5
          oval oval:com.redhat.rhsa:tst:20140429015
        • comment tomcat6-servlet-2.5-api is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20110335010
      • AND
        • comment tomcat6-webapps is earlier than 0:6.0.24-64.el6_5
          oval oval:com.redhat.rhsa:tst:20140429017
        • comment tomcat6-webapps is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20110335014
    rhsa
    id RHSA-2014:0429
    released 2014-04-23
    severity Moderate
    title RHSA-2014:0429: tomcat6 security update (Moderate)
  • rhsa
    id RHSA-2014:0252
  • rhsa
    id RHSA-2014:0253
  • rhsa
    id RHSA-2014:0400
rpms
  • tomcat6-0:6.0.24-64.el6_5
  • tomcat6-admin-webapps-0:6.0.24-64.el6_5
  • tomcat6-docs-webapp-0:6.0.24-64.el6_5
  • tomcat6-el-2.1-api-0:6.0.24-64.el6_5
  • tomcat6-javadoc-0:6.0.24-64.el6_5
  • tomcat6-jsp-2.1-api-0:6.0.24-64.el6_5
  • tomcat6-lib-0:6.0.24-64.el6_5
  • tomcat6-servlet-2.5-api-0:6.0.24-64.el6_5
  • tomcat6-webapps-0:6.0.24-64.el6_5
refmap via4
bid 65400
bugtraq
  • 20140625 NEW VMSA-2014-0007 - VMware product updates address security vulnerabilities in Apache Struts library
  • 20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities
confirm
debian DSA-2856
fulldisc 20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities
hp HPSBGN03329
jvn JVN#14876762
jvndb JVNDB-2014-000017
mandriva MDVSA-2015:084
misc
mlist [commons-dev] 20140206 [SECURITY] CVE-2014-0050 Apache Commons FileUpload and Apache Tomcat DoS
secunia
  • 57915
  • 58075
  • 58976
  • 59039
  • 59041
  • 59183
  • 59184
  • 59185
  • 59187
  • 59232
  • 59399
  • 59492
  • 59500
  • 59725
  • 60475
  • 60753
ubuntu USN-2130-1
vmware via4
  • description tc-server has been updated to version 2.9.5 to address multiple security issues. This version of tc-server includes Apache Tomcat 7.0.52.
    id VMSA-2014-0008
    last_updated 2014-09-09T00:00:00
    published 2014-09-09T00:00:00
    title vCenter Server tc-server 2.9.5 / Apache Tomcat 7.0.52 updates
    workaround None
  • description The Apache Struts library is updated to version 2.3.16.2 to address multiple security issues. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the names CVE-2014-0224CVE-2014-0198 CVE-2010-5298CVE-2014-3470CVE-2014-0221 and CVE-2014-0195 to these issues. The most important of these issues is CVE-2014-0224.CVE-2014-0198CVE-2010-5298 and CVE-2014-3470 are considered to be of moderate severity. Exploitation is highly unlikely or is mitigated due to the application configuration.CVE-2014-0221 and CVE-2014-0195which are listed in the OpenSSL Security Advisory (see Reference section below)do not affect any VMware products. CVE-2014-0224 may lead to a Man-in-the-Middle attack if a server is running a vulnerable version of OpenSSL 1.0.1 and clients are running a vulnerable version of OpenSSL 0.9.8 or 1.0.1. Updating the server will mitigate this issue for both the server and all affected clients.CVE-2014-0224 may affect products differently depending on whether the product is acting as a client or a server and of which version of OpenSSL the product is using. For readability the affected products have been split into 3 tables below based on the different client-server configurations and deployment scenarios.
    id VMSA-2014-0007
    last_updated 2014-09-09T00:00:00
    published 2014-06-24T00:00:00
    title The Apache Struts library is updated.
    workaround A workaround for CVE-2014-0112 is documented in VMware Knowledge Base article 2081470
Last major update 16-02-2017 - 21:59
Published 01-04-2014 - 02:27
Last modified 09-10-2018 - 15:35
Back to Top