ID CVE-2014-0186
Summary A certain tomcat7 package for Apache Tomcat 7 in Red Hat Enterprise Linux (RHEL) 7 allows remote attackers to cause a denial of service (CPU consumption) via a crafted request. NOTE: this vulnerability exists because of an unspecified regression.
References
Vulnerable Configurations
  • Red Hat Enterprise Linux (RHEL) 7.0 (7)
    cpe:2.3:o:redhat:enterprise_linux:7.0
CVSS
Base: 5.0 (as of 16-06-2014 - 10:52)
Impact:
Exploitability:
Access
VectorComplexityAuthentication
NETWORK LOW NONE
Impact
ConfidentialityIntegrityAvailability
NONE NONE PARTIAL
nessus via4
  • NASL family Red Hat Local Security Checks
    NASL id REDHAT-RHSA-2014-0686.NASL
    description Updated tomcat packages that fix three security issues are now available for Red Hat Enterprise Linux 7. The Red Hat Security Response Team has rated this update as having Important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. Apache Tomcat is a servlet container for the Java Servlet and JavaServer Pages (JSP) technologies. It was found that a fix for a previous security flaw introduced a regression that could cause a denial of service in Tomcat 7. A remote attacker could use this flaw to consume an excessive amount of CPU on the Tomcat server by sending a specially crafted request to that server. (CVE-2014-0186) It was found that when Tomcat 7 processed a series of HTTP requests in which at least one request contained either multiple content-length headers, or one content-length header with a chunked transfer-encoding header, Tomcat would incorrectly handle the request. A remote attacker could use this flaw to poison a web cache, perform cross-site scripting (XSS) attacks, or obtain sensitive information from other requests. (CVE-2013-4286) It was discovered that the fix for CVE-2012-3544 did not properly resolve a denial of service flaw in the way Tomcat 7 processed chunk extensions and trailing headers in chunked requests. A remote attacker could use this flaw to send an excessively long request that, when processed by Tomcat, could consume network bandwidth, CPU, and memory on the Tomcat server. Note that chunked transfer encoding is enabled by default. (CVE-2013-4322) All Tomcat 7 users are advised to upgrade to these updated packages, which contain backported patches to correct these issues. Tomcat must be restarted for this update to take effect.
    last seen 2017-10-29
    modified 2017-01-06
    plugin id 76895
    published 2014-07-30
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=76895
    title RHEL 7 : tomcat (RHSA-2014:0686)
  • NASL family Oracle Linux Local Security Checks
    NASL id ORACLELINUX_ELSA-2014-0686.NASL
    description From Red Hat Security Advisory 2014:0686 : Updated tomcat packages that fix three security issues are now available for Red Hat Enterprise Linux 7. The Red Hat Security Response Team has rated this update as having Important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. Apache Tomcat is a servlet container for the Java Servlet and JavaServer Pages (JSP) technologies. It was found that a fix for a previous security flaw introduced a regression that could cause a denial of service in Tomcat 7. A remote attacker could use this flaw to consume an excessive amount of CPU on the Tomcat server by sending a specially crafted request to that server. (CVE-2014-0186) It was found that when Tomcat 7 processed a series of HTTP requests in which at least one request contained either multiple content-length headers, or one content-length header with a chunked transfer-encoding header, Tomcat would incorrectly handle the request. A remote attacker could use this flaw to poison a web cache, perform cross-site scripting (XSS) attacks, or obtain sensitive information from other requests. (CVE-2013-4286) It was discovered that the fix for CVE-2012-3544 did not properly resolve a denial of service flaw in the way Tomcat 7 processed chunk extensions and trailing headers in chunked requests. A remote attacker could use this flaw to send an excessively long request that, when processed by Tomcat, could consume network bandwidth, CPU, and memory on the Tomcat server. Note that chunked transfer encoding is enabled by default. (CVE-2013-4322) All Tomcat 7 users are advised to upgrade to these updated packages, which contain backported patches to correct these issues. Tomcat must be restarted for this update to take effect.
    last seen 2017-10-29
    modified 2016-05-20
    plugin id 76733
    published 2014-07-24
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=76733
    title Oracle Linux 7 : tomcat (ELSA-2014-0686)
redhat via4
advisories
bugzilla
id 1089884
title CVE-2014-0186 tomcat7: RHEL-7 regression causing DoS
oval
AND
  • OR
    • comment Red Hat Enterprise Linux 7 Client is installed
      oval oval:com.redhat.rhsa:tst:20140675001
    • comment Red Hat Enterprise Linux 7 Server is installed
      oval oval:com.redhat.rhsa:tst:20140675002
    • comment Red Hat Enterprise Linux 7 Workstation is installed
      oval oval:com.redhat.rhsa:tst:20140675003
    • comment Red Hat Enterprise Linux 7 ComputeNode is installed
      oval oval:com.redhat.rhsa:tst:20140675004
  • OR
    • AND
      • comment tomcat-el-2.2-api is earlier than 0:7.0.42-5.el7_0
        oval oval:com.redhat.rhsa:tst:20140686023
      • comment tomcat-el-2.2-api is signed with Red Hat redhatrelease2 key
        oval oval:com.redhat.rhsa:tst:20140686024
    • AND
      • comment tomcat is earlier than 0:7.0.42-5.el7_0
        oval oval:com.redhat.rhsa:tst:20140686005
      • comment tomcat is signed with Red Hat redhatrelease2 key
        oval oval:com.redhat.rhsa:tst:20140686006
    • AND
      • comment tomcat-lib is earlier than 0:7.0.42-5.el7_0
        oval oval:com.redhat.rhsa:tst:20140686009
      • comment tomcat-lib is signed with Red Hat redhatrelease2 key
        oval oval:com.redhat.rhsa:tst:20140686010
    • AND
      • comment tomcat-jsp-2.2-api is earlier than 0:7.0.42-5.el7_0
        oval oval:com.redhat.rhsa:tst:20140686017
      • comment tomcat-jsp-2.2-api is signed with Red Hat redhatrelease2 key
        oval oval:com.redhat.rhsa:tst:20140686018
    • AND
      • comment tomcat-docs-webapp is earlier than 0:7.0.42-5.el7_0
        oval oval:com.redhat.rhsa:tst:20140686013
      • comment tomcat-docs-webapp is signed with Red Hat redhatrelease2 key
        oval oval:com.redhat.rhsa:tst:20140686014
    • AND
      • comment tomcat-admin-webapps is earlier than 0:7.0.42-5.el7_0
        oval oval:com.redhat.rhsa:tst:20140686015
      • comment tomcat-admin-webapps is signed with Red Hat redhatrelease2 key
        oval oval:com.redhat.rhsa:tst:20140686016
    • AND
      • comment tomcat-jsvc is earlier than 0:7.0.42-5.el7_0
        oval oval:com.redhat.rhsa:tst:20140686021
      • comment tomcat-jsvc is signed with Red Hat redhatrelease2 key
        oval oval:com.redhat.rhsa:tst:20140686022
    • AND
      • comment tomcat-webapps is earlier than 0:7.0.42-5.el7_0
        oval oval:com.redhat.rhsa:tst:20140686007
      • comment tomcat-webapps is signed with Red Hat redhatrelease2 key
        oval oval:com.redhat.rhsa:tst:20140686008
    • AND
      • comment tomcat-servlet-3.0-api is earlier than 0:7.0.42-5.el7_0
        oval oval:com.redhat.rhsa:tst:20140686019
      • comment tomcat-servlet-3.0-api is signed with Red Hat redhatrelease2 key
        oval oval:com.redhat.rhsa:tst:20140686020
    • AND
      • comment tomcat-javadoc is earlier than 0:7.0.42-5.el7_0
        oval oval:com.redhat.rhsa:tst:20140686011
      • comment tomcat-javadoc is signed with Red Hat redhatrelease2 key
        oval oval:com.redhat.rhsa:tst:20140686012
rhsa
id RHSA-2014:0686
released 2014-06-10
severity Important
title RHSA-2014:0686: tomcat security update (Important)
rpms
  • tomcat-el-2.2-api-0:7.0.42-5.el7_0
  • tomcat-0:7.0.42-5.el7_0
  • tomcat-lib-0:7.0.42-5.el7_0
  • tomcat-jsp-2.2-api-0:7.0.42-5.el7_0
  • tomcat-docs-webapp-0:7.0.42-5.el7_0
  • tomcat-admin-webapps-0:7.0.42-5.el7_0
  • tomcat-jsvc-0:7.0.42-5.el7_0
  • tomcat-webapps-0:7.0.42-5.el7_0
  • tomcat-servlet-3.0-api-0:7.0.42-5.el7_0
  • tomcat-javadoc-0:7.0.42-5.el7_0
refmap via4
confirm https://bugzilla.redhat.com/show_bug.cgi?id=1089884
misc https://security-tracker.debian.org/tracker/CVE-2014-0186
osvdb 108060
Last major update 16-06-2014 - 10:52
Published 14-06-2014 - 07:18
Back to Top