Description
Apache Tomcat 6.x before 6.0.44, 7.x before 7.0.55, and 8.x before 8.0.9 does not properly handle cases where an HTTP response occurs before finishing the reading of an entire request body, which allows remote attackers to cause a denial of service (thread consumption) via a series of aborted upload attempts.
Remediation
References
http://openwall.com/lists/oss-security/2015/04/10/1
http://svn.apache.org/viewvc?view=revision&revision=1603770
http://svn.apache.org/viewvc?view=revision&revision=1603779
http://tomcat.apache.org/security-6.html
http://svn.apache.org/viewvc?view=revision&revision=1603775
http://tomcat.apache.org/security-8.html
http://tomcat.apache.org/security-7.html
http://mail-archives.apache.org/mod_mbox/tomcat-announce/201505.mbox/%3C554949D1.8030904%40apache.org%3E
http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html
http://www.debian.org/security/2016/dsa-3530
http://rhn.redhat.com/errata/RHSA-2016-0599.html
http://rhn.redhat.com/errata/RHSA-2016-0597.html
http://rhn.redhat.com/errata/RHSA-2016-0598.html
http://rhn.redhat.com/errata/RHSA-2016-0595.html
http://rhn.redhat.com/errata/RHSA-2016-0596.html
https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05054964
http://marc.info/?l=bugtraq&m=145974991225029&w=2
http://marc.info/?l=bugtraq&m=144498216801440&w=2
http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html
http://rhn.redhat.com/errata/RHSA-2015-2661.html
https://access.redhat.com/errata/RHSA-2015:2659
https://access.redhat.com/errata/RHSA-2015:2660
https://issues.jboss.org/browse/JWS-220
https://issues.jboss.org/browse/JWS-219
http://www.debian.org/security/2016/dsa-3447
https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04851013
http://rhn.redhat.com/errata/RHSA-2015-1622.html
http://rhn.redhat.com/errata/RHSA-2015-1621.html
http://www.ubuntu.com/usn/USN-2655-1
http://www.securityfocus.com/bid/74475
http://www.ubuntu.com/usn/USN-2654-1
http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html
https://lists.apache.org/thread.html/b8a1bf18155b552dcf9a928ba808cbadad84c236d85eab3033662cfb%40%3Cdev.tomcat.apache.org%3E
https://lists.apache.org/thread.html/39ae1f0bd5867c15755a6f959b271ade1aea04ccdc3b2e639dcd903b%40%3Cdev.tomcat.apache.org%3E
https://lists.apache.org/thread.html/37220405a377c0182d2afdbc36461c4783b2930fbeae3a17f1333113%40%3Cdev.tomcat.apache.org%3E
https://lists.apache.org/thread.html/b84ad1258a89de5c9c853c7f2d3ad77e5b8b2930be9e132d5cef6b95%40%3Cdev.tomcat.apache.org%3E
https://lists.apache.org/thread.html/r03c597a64de790ba42c167efacfa23300c3d6c9fe589ab87fe02859c%40%3Cdev.tomcat.apache.org%3E
https://lists.apache.org/thread.html/r9136ff5b13e4f1941360b5a309efee2c114a14855578c3a2cbe5d19c%40%3Cdev.tomcat.apache.org%3E
https://lists.apache.org/thread.html/r587e50b86c1a96ee301f751d50294072d142fd6dc08a8987ae9f3a9b%40%3Cdev.tomcat.apache.org%3E
Related Vulnerabilities
CVE-2014-0050 Vulnerability in maven package org.apache.tomcat:tomcat-coyote
CVE-2023-50730 Vulnerability in maven package org.typelevel:grackle-core_sjs1_3
CVE-2023-36475 Vulnerability in npm package parse-server
CVE-2014-7810 Vulnerability in maven package org.apache.tomcat.embed:tomcat-embed-core
CVE-2020-28052 Vulnerability in maven package org.bouncycastle:bcprov-debug-jdk15on