https://bugzilla.redhat.com/show_bug.cgi?id=1103804
Bug ID: 1103804
Summary: CVE-2014-0095 Apache Tomcat 8: Denial of service via AJP requests with content length zero
Product: Security Response
Component: vulnerability
Keywords: Security
Severity: medium
Priority: medium
Assignee: security-response-team@redhat.com
Reporter: aneelica@redhat.com
CC: aneelica@redhat.com, dknox@redhat.com, ivan.afonichev@gmail.com, java-sig-commits@lists.fedoraproject.org, jdoyle@redhat.com, jkurik@redhat.com, krzysztof.daniel@gmail.com, lgao@redhat.com, pslavice@redhat.com, rsvoboda@redhat.com, weli@redhat.com
A regression was introduced in revision 1519838 (released with Apache Tomcat 8.0.0-RC2) that caused AJP requests to hang if an explicit content length of zero was set on the request. Each hanging request consumed a request processing thread, which could lead to a denial of service.
Affects: Apache Tomcat 8.0.0-RC2 to 8.0.3
References: http://tomcat.apache.org/security-8.html
Arun Babu Neelicattu aneelica@redhat.com changed:
What             | Removed | Added
-----------------|---------|------
Fixed In Version |         | 8.0.5
--- Comment #1 from Arun Babu Neelicattu aneelica@redhat.com ---
Statement:
This flaw does not affect Apache Tomcat as shipped by any Red Hat product.
Arun Babu Neelicattu aneelica@redhat.com changed:
What        | Removed | Added
------------|---------|--------------------
Status      | NEW     | CLOSED
Resolution  | ---     | NOTABUG
Last Closed |         | 2014-06-02 11:31:35
Arun Babu Neelicattu aneelica@redhat.com changed:
What   | Removed | Added
-------|---------|--------
Blocks |         | 1103878
Ján Rusnačko jrusnack@redhat.com changed:
What       | Removed | Added
-----------|---------|--------------------
CC         |         | jrusnack@redhat.com
Whiteboard | (see below) | (see below)

Whiteboard, removed:
impact=moderate,public=20140530,reported=20140530,source=internet,cvss2=5.0/AV:N/AC:L/Au:N/C:N/I:N/A:P,cwe=835,rhel-6/tomcat6=notaffected,rhel-5/tomcat5=notaffected,jbews-1/tomcat5=notaffected,jbews-1/tomcat6=notaffected,jbews-2/tomcat6=notaffected,jbews-2/tomcat7=notaffected,fedora-all/tomcat=notaffected,rhel-7/tomcat=notaffected,jboss/jbossweb=notaffected

Whiteboard, added:
impact=moderate,public=20140530,reported=20140530,source=internet,cvss2=5.0/AV:N/AC:L/Au:N/C:N/I:N/A:P,cwe=CWE-130->CWE-835,rhel-6/tomcat6=notaffected,rhel-5/tomcat5=notaffected,jbews-1/tomcat5=notaffected,jbews-1/tomcat6=notaffected,jbews-2/tomcat6=notaffected,jbews-2/tomcat7=notaffected,fedora-all/tomcat=notaffected,rhel-7/tomcat=notaffected,jboss/jbossweb=notaffected
Martin Prpic mprpic@redhat.com changed:
What             | Removed | Added
-----------------|---------|-------------
Fixed In Version | 8.0.5   | tomcat 8.0.5