Lumension® Endpoint Intelligence Center

Overview

Vulnerability Score (CVSS v2): 5.8
CVE Id: CVE-2013-4286
Last Modified: 16 Apr 2015 09:59:01
Published: 26 Feb 2014 09:55:08
Confidentiality Impact: PARTIAL
Integrity Impact: PARTIAL
Availability Impact: NONE
Access Vector: NETWORK
Access Complexity: MEDIUM
Authentication: NONE

CVE-2013-4286

Summary

Apache Tomcat before 6.0.39, 7.x before 7.0.47, and 8.x before 8.0.0-RC3, when an HTTP connector or AJP connector is used, does not properly handle certain inconsistent HTTP request headers, which allows remote attackers to trigger incorrect identification of a request's length and conduct request-smuggling attacks via (1) multiple Content-Length headers or (2) a Content-Length header and a "Transfer-Encoding: chunked" header. NOTE: this vulnerability exists because of an incomplete fix for CVE-2005-2090.
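Added example (not from this page and not the Tomcat project's own code): a defender-side check that names the two ambiguous framings the summary describes, so a reverse proxy, WAF rule or integration test can reject such a request with a 400 instead of letting a front end and a back end each guess where the body ends. The request heads are constructed samples, and the reject-on-any-duplicate-Content-Length policy is a conservative assumption for the example, not a description of what the Tomcat patch does.

```python
import re
from typing import Dict, List, Optional, Tuple

# Constructed sample request heads (not captured traffic): a clean request,
# one for each ambiguous framing named in CVE-2013-4286, and a clean chunked one.
SAMPLES: Dict[str, bytes] = {
    "clean":   b"POST /app HTTP/1.1\r\nHost: example.test\r\nContent-Length: 5\r\n\r\nhello",
    "dup_cl":  b"POST /app HTTP/1.1\r\nHost: example.test\r\n"
               b"Content-Length: 5\r\nContent-Length: 11\r\n\r\nhello",
    "cl_te":   b"POST /app HTTP/1.1\r\nHost: example.test\r\n"
               b"Content-Length: 5\r\nTransfer-Encoding: chunked\r\n\r\n0\r\n\r\n",
    "chunked": b"POST /app HTTP/1.1\r\nHost: example.test\r\nTransfer-Encoding: chunked\r\n\r\n0\r\n\r\n",
}


def parse_headers(raw: bytes) -> List[Tuple[str, str]]:
    """Return (lower-cased name, value) pairs from the request head, keeping duplicates."""
    head = raw.split(b"\r\n\r\n", 1)[0].decode("iso-8859-1")
    pairs = []
    for line in head.split("\r\n")[1:]:          # skip the request line
        name, sep, value = line.partition(":")
        if sep:
            pairs.append((name.strip().lower(), value.strip()))
    return pairs


def framing_problem(raw: bytes) -> Optional[str]:
    """Name the message-length ambiguity in a request head, or None if it is unambiguous."""
    headers = parse_headers(raw)
    lengths = [v for n, v in headers if n == "content-length"]
    # Transfer-Encoding may be a comma-separated list such as "gzip, chunked".
    codings = [t.strip().lower() for n, v in headers if n == "transfer-encoding"
               for t in v.split(",")]
    if len(lengths) > 1:                         # assumption: reject even identical duplicates
        return "multiple Content-Length headers"
    if lengths and not re.fullmatch(r"[0-9]+", lengths[0]):
        return "Content-Length is not a single non-negative integer"
    if lengths and "chunked" in codings:
        return "Content-Length together with Transfer-Encoding: chunked"
    return None


def check_samples() -> Dict[str, Optional[str]]:
    """Run the check over every constructed sample and return the verdicts by name."""
    return {name: framing_problem(raw) for name, raw in SAMPLES.items()}


if __name__ == "__main__":
    for name, verdict in check_samples().items():
        print(f"{name:8} -> {'reject: ' + verdict if verdict else 'accept'}")
```

A list-form value such as `Content-Length: 5, 5` is caught by the integer check, which is why that test is separate from the duplicate-header test.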

Vulnerable Systems

Application

  • Apache Tomcat 1.1.3

  • Apache Tomcat 3.0

  • Apache Tomcat 3.1

  • Apache Tomcat 3.1.1

  • Apache Tomcat 3.2

  • Apache Tomcat 3.2.1

  • Apache Tomcat 3.2.2

  • Apache Tomcat 3.2.3

  • Apache Tomcat 3.2.4

  • Apache Tomcat 3.3

  • Apache Tomcat 3.3.1

  • Apache Tomcat 3.3.1a

  • Apache Tomcat 3.3.2

  • Apache Tomcat 4

  • Apache Tomcat 4.0.0

  • Apache Tomcat 4.0.1

  • Apache Tomcat 4.0.2

  • Apache Tomcat 4.0.3

  • Apache Tomcat 4.0.4

  • Apache Tomcat 4.0.5

  • Apache Tomcat 4.0.6

  • Apache Tomcat 4.1.0

  • Apache Tomcat 4.1.1

  • Apache Tomcat 4.1.10

  • Apache Tomcat 4.1.12

  • Apache Tomcat 4.1.15

  • Apache Tomcat 4.1.2

  • Apache Tomcat 4.1.24

  • Apache Tomcat 4.1.28

  • Apache Tomcat 4.1.29

  • Apache Tomcat 4.1.3

  • Apache Tomcat 4.1.31

  • Apache Tomcat 4.1.36

  • Apache Tomcat 4.1.9

  • Apache Tomcat 5

  • Apache Tomcat 5.0.0

  • Apache Tomcat 5.0.1

  • Apache Tomcat 5.0.10

  • Apache Tomcat 5.0.11

  • Apache Tomcat 5.0.12

  • Apache Tomcat 5.0.13

  • Apache Tomcat 5.0.14

  • Apache Tomcat 5.0.15

  • Apache Tomcat 5.0.16

  • Apache Tomcat 5.0.17

  • Apache Tomcat 5.0.18

  • Apache Tomcat 5.0.19

  • Apache Tomcat 5.0.2

  • Apache Tomcat 5.0.21

  • Apache Tomcat 5.0.22

  • Apache Tomcat 5.0.23

  • Apache Tomcat 5.0.24

  • Apache Tomcat 5.0.25

  • Apache Tomcat 5.0.26

  • Apache Tomcat 5.0.27

  • Apache Tomcat 5.0.28

  • Apache Tomcat 5.0.29

  • Apache Tomcat 5.0.3

  • Apache Tomcat 5.0.30

  • Apache Tomcat 5.0.4

  • Apache Tomcat 5.0.5

  • Apache Tomcat 5.0.6

  • Apache Tomcat 5.0.7

  • Apache Tomcat 5.0.8

  • Apache Tomcat 5.0.9

  • Apache Tomcat 5.5.0

  • Apache Tomcat 5.5.1

  • Apache Tomcat 5.5.10

  • Apache Tomcat 5.5.11

  • Apache Tomcat 5.5.12

  • Apache Tomcat 5.5.13

  • Apache Tomcat 5.5.14

  • Apache Tomcat 5.5.15

  • Apache Tomcat 5.5.16

  • Apache Tomcat 5.5.17

  • Apache Tomcat 5.5.18

  • Apache Tomcat 5.5.19

  • Apache Tomcat 5.5.2

  • Apache Tomcat 5.5.20

  • Apache Tomcat 5.5.21

  • Apache Tomcat 5.5.22

  • Apache Tomcat 5.5.23

  • Apache Tomcat 5.5.24

  • Apache Tomcat 5.5.25

  • Apache Tomcat 5.5.26

  • Apache Tomcat 5.5.27

  • Apache Tomcat 5.5.28

  • Apache Tomcat 5.5.29

  • Apache Tomcat 5.5.3

  • Apache Tomcat 5.5.30

  • Apache Tomcat 5.5.31

  • Apache Tomcat 5.5.32

  • Apache Tomcat 5.5.33

  • Apache Tomcat 5.5.34

  • Apache Tomcat 5.5.35

  • Apache Tomcat 5.5.4

  • Apache Tomcat 5.5.5

  • Apache Tomcat 5.5.6

  • Apache Tomcat 5.5.7

  • Apache Tomcat 5.5.8

  • Apache Tomcat 5.5.9

  • Apache Tomcat 6

  • Apache Tomcat 6.0

  • Apache Tomcat 6.0.0

  • Apache Tomcat 6.0.1

  • Apache Tomcat 6.0.10

  • Apache Tomcat 6.0.11

  • Apache Tomcat 6.0.12

  • Apache Tomcat 6.0.13

  • Apache Tomcat 6.0.14

  • Apache Tomcat 6.0.15

  • Apache Tomcat 6.0.16

  • Apache Tomcat 6.0.17

  • Apache Tomcat 6.0.18

  • Apache Tomcat 6.0.19

  • Apache Tomcat 6.0.2

  • Apache Tomcat 6.0.20

  • Apache Tomcat 6.0.24

  • Apache Tomcat 6.0.26

  • Apache Tomcat 6.0.27

  • Apache Tomcat 6.0.28

  • Apache Tomcat 6.0.29

  • Apache Tomcat 6.0.3

  • Apache Tomcat 6.0.30

  • Apache Tomcat 6.0.31

  • Apache Tomcat 6.0.32

  • Apache Tomcat 6.0.33

  • Apache Tomcat 6.0.35

  • Apache Tomcat 6.0.36

  • Apache Tomcat 6.0.37

  • Apache Tomcat 7.0.0

  • Apache Tomcat 7.0.1

  • Apache Tomcat 7.0.10

  • Apache Tomcat 7.0.11

  • Apache Tomcat 7.0.12

  • Apache Tomcat 7.0.13

  • Apache Tomcat 7.0.14

  • Apache Tomcat 7.0.15

  • Apache Tomcat 7.0.16

  • Apache Tomcat 7.0.17

  • Apache Tomcat 7.0.18

  • Apache Tomcat 7.0.19

  • Apache Tomcat 7.0.2

  • Apache Tomcat 7.0.20

  • Apache Tomcat 7.0.21

  • Apache Tomcat 7.0.22

  • Apache Tomcat 7.0.23

  • Apache Tomcat 7.0.24

  • Apache Tomcat 7.0.25

  • Apache Tomcat 7.0.26

  • Apache Tomcat 7.0.27

  • Apache Tomcat 7.0.28

  • Apache Tomcat 7.0.29

  • Apache Tomcat 7.0.3

  • Apache Tomcat 7.0.30

  • Apache Tomcat 7.0.31

  • Apache Tomcat 7.0.32

  • Apache Tomcat 7.0.33

  • Apache Tomcat 7.0.34

  • Apache Tomcat 7.0.35

  • Apache Tomcat 7.0.36

  • Apache Tomcat 7.0.37

  • Apache Tomcat 7.0.38

  • Apache Tomcat 7.0.39

  • Apache Tomcat 7.0.4

  • Apache Tomcat 7.0.40

  • Apache Tomcat 7.0.41

  • Apache Tomcat 7.0.42

  • Apache Tomcat 7.0.43

  • Apache Tomcat 7.0.44

  • Apache Tomcat 7.0.45

  • Apache Tomcat 7.0.46

  • Apache Tomcat 8.0.0


References

CONFIRM - https://bugzilla.redhat.com/show_bug.cgi?id=1069921

CONFIRM - http://tomcat.apache.org/security-8.html

CONFIRM - http://tomcat.apache.org/security-7.html

CONFIRM - http://tomcat.apache.org/security-6.html

CONFIRM - http://svn.apache.org/viewvc?view=revision&revision=1552565

CONFIRM - http://svn.apache.org/viewvc?view=revision&revision=1521854

CONFIRM - http://svn.apache.org/viewvc?view=revision&revision=1521829

SECUNIA - 57675

REDHAT - RHSA-2014:0345

REDHAT - RHSA-2014:0344

REDHAT - RHSA-2014:0343

REDHAT - RHSA-2014:0686

CONFIRM - http://www-01.ibm.com/support/docview.wss?uid=swg21678231

CONFIRM - http://www-01.ibm.com/support/docview.wss?uid=swg21678113

CONFIRM - http://www-01.ibm.com/support/docview.wss?uid=swg21677147

CONFIRM - http://www-01.ibm.com/support/docview.wss?uid=swg21675886

CONFIRM - http://www-01.ibm.com/support/docview.wss?uid=swg21667883

SECUNIA - 59873

SECUNIA - 59733

SECUNIA - 59724

SECUNIA - 59722

SECUNIA - 59675

SECUNIA - 59036

CONFIRM - http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html

HP - HPSBUX03150

CONFIRM - http://www.vmware.com/security/advisories/VMSA-2014-0012.html

BUGTRAQ - 20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities

CONFIRM - http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html

MANDRIVA - MDVSA-2015:052

CONFIRM - http://advisories.mageia.org/MGASA-2014-0148.html

BUGTRAQ - 20150402 NEW : VMSA-2015-0003 VMware product updates address critical information disclosure issue in JRE

CONFIRM - http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html

MISC - http://packetstormsecurity.com/files/131271/VMware-Security-Advisory-2015-0003.html

Related Patches

SUN122911-34 Solaris 10 SPARC: Apache 1.3 Patch

SUN122912-34 Solaris 10 x86: Apache 1.3 Patch


Last Updated: 27 May 2016 11:05:46