Description

Apache Tomcat 6.x before 6.0.44, 7.x before 7.0.55, and 8.x before 8.0.9 does not properly handle cases where an HTTP response occurs before finishing the reading of an entire request body, which allows remote attackers to cause a denial of service (thread consumption) via a series of aborted upload attempts.

Remediation

References

http://openwall.com/lists/oss-security/2015/04/10/1

http://svn.apache.org/viewvc?view=revision&revision=1603770

http://svn.apache.org/viewvc?view=revision&revision=1603779

http://tomcat.apache.org/security-6.html

http://svn.apache.org/viewvc?view=revision&revision=1603775

http://tomcat.apache.org/security-8.html

http://tomcat.apache.org/security-7.html

http://mail-archives.apache.org/mod_mbox/tomcat-announce/201505.mbox/%3C554949D1.8030904%40apache.org%3E

http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html

http://www.debian.org/security/2016/dsa-3530

http://rhn.redhat.com/errata/RHSA-2016-0599.html

http://rhn.redhat.com/errata/RHSA-2016-0597.html

http://rhn.redhat.com/errata/RHSA-2016-0598.html

http://rhn.redhat.com/errata/RHSA-2016-0595.html

http://rhn.redhat.com/errata/RHSA-2016-0596.html

https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05054964

http://marc.info/?l=bugtraq&m=145974991225029&w=2

http://marc.info/?l=bugtraq&m=144498216801440&w=2

http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html

http://rhn.redhat.com/errata/RHSA-2015-2661.html

https://access.redhat.com/errata/RHSA-2015:2659

https://access.redhat.com/errata/RHSA-2015:2660

https://issues.jboss.org/browse/JWS-220

https://issues.jboss.org/browse/JWS-219

http://www.debian.org/security/2016/dsa-3447

https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04851013

http://rhn.redhat.com/errata/RHSA-2015-1622.html

http://rhn.redhat.com/errata/RHSA-2015-1621.html

http://www.ubuntu.com/usn/USN-2655-1

http://www.securityfocus.com/bid/74475

http://www.ubuntu.com/usn/USN-2654-1

http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html

https://lists.apache.org/thread.html/b8a1bf18155b552dcf9a928ba808cbadad84c236d85eab3033662cfb%40%3Cdev.tomcat.apache.org%3E

https://lists.apache.org/thread.html/39ae1f0bd5867c15755a6f959b271ade1aea04ccdc3b2e639dcd903b%40%3Cdev.tomcat.apache.org%3E

https://lists.apache.org/thread.html/37220405a377c0182d2afdbc36461c4783b2930fbeae3a17f1333113%40%3Cdev.tomcat.apache.org%3E

https://lists.apache.org/thread.html/b84ad1258a89de5c9c853c7f2d3ad77e5b8b2930be9e132d5cef6b95%40%3Cdev.tomcat.apache.org%3E

https://lists.apache.org/thread.html/r03c597a64de790ba42c167efacfa23300c3d6c9fe589ab87fe02859c%40%3Cdev.tomcat.apache.org%3E

https://lists.apache.org/thread.html/r9136ff5b13e4f1941360b5a309efee2c114a14855578c3a2cbe5d19c%40%3Cdev.tomcat.apache.org%3E

https://lists.apache.org/thread.html/r587e50b86c1a96ee301f751d50294072d142fd6dc08a8987ae9f3a9b%40%3Cdev.tomcat.apache.org%3E

Related Vulnerabilities

CVE-2019-10768 Vulnerability in maven package org.webjars.bower:angular

CVE-2021-23330 Vulnerability in npm package launchpad

CVE-2020-8116 Vulnerability in npm package dot-prop

CVE-2022-36083 Vulnerability in maven package org.webjars.npm:jose

CVE-2021-25122 Vulnerability in maven package org.apache.tomcat.embed:tomcat-embed-core

Severity

Critical

Classification

CWE-399

Tags

Patch Vendor Advisory