CVE-2013-4286 | Mend Vulnerability Database

Vulnerability DatabaseCVE-2013-4286

CVE-2013-4286

February 26, 2014

Apache Tomcat before 6.0.39, 7.x before 7.0.47, and 8.x before 8.0.0-RC3, when an HTTP connector or AJP connector is used, does not properly handle certain inconsistent HTTP request headers, which allows remote attackers to trigger incorrect identification of a request's length and conduct request-smuggling attacks via (1) multiple Content-Length headers or (2) a Content-Length header and a "Transfer-Encoding: chunked" header. NOTE: this vulnerability exists because of an incomplete fix for CVE-2005-2090.

Related Resources (73)

http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html

http://www.securityfocus.com/bid/65773

https://lists.apache.org/thread.html/37220405a377c0182d2afdbc36461c4783b2930fbeae3a17f1333113@%3Cdev.tomcat.apache.org%3E

http://www.vmware.com/security/advisories/VMSA-2014-0012.html

http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html

http://rhn.redhat.com/errata/RHSA-2014-0343.html

http://marc.info/?l=bugtraq&m=144498216801440&w=2

https://lists.apache.org/thread.html/r587e50b86c1a96ee301f751d50294072d142fd6dc08a8987ae9f3a9b%40%3Cdev.tomcat.apache.org%3E

https://github.com/apache/tomcat

http://secunia.com/advisories/59722

http://www-01.ibm.com/support/docview.wss?uid=swg21675886

https://web.archive.org/web/20161014054913/http://www-01.ibm.com/support/docview.wss?uid=swg21678113

http://seclists.org/fulldisclosure/2014/Dec/23

https://lists.apache.org/thread.html/b8a1bf18155b552dcf9a928ba808cbadad84c236d85eab3033662cfb%40%3Cdev.tomcat.apache.org%3E

http://svn.apache.org/viewvc?view=revision&revision=1521854

https://nvd.nist.gov/vuln/detail/CVE-2013-4286

http://tomcat.apache.org/security-7.html

http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html

https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04851013

https://bugzilla.redhat.com/show_bug.cgi?id=1069921

http://secunia.com/advisories/59724

http://tomcat.apache.org/security-8.html

http://rhn.redhat.com/errata/RHSA-2014-0345.html

http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html

https://rhn.redhat.com/errata/RHSA-2014-0686.html

https://web.archive.org/web/20161024215639/http://secunia.com/advisories/59722

http://www-01.ibm.com/support/docview.wss?uid=swg21677147

https://lists.apache.org/thread.html/b8a1bf18155b552dcf9a928ba808cbadad84c236d85eab3033662cfb@%3Cdev.tomcat.apache.org%3E

https://web.archive.org/web/20161014054948/http://www-01.ibm.com/support/docview.wss?uid=swg21667883

https://web.archive.org/web/20161014054838/http://www-01.ibm.com/support/docview.wss?uid=swg21677147

https://web.archive.org/web/20140724174205/http://secunia.com/advisories/57675

https://github.com/apache/tomcat80/commit/ff00954b78e6484e40f323c0cef2e6d95c2882b9

http://svn.apache.org/viewvc?view=revision&revision=1521829

https://web.archive.org/web/20161024220034/http://secunia.com/advisories/59733

https://lists.apache.org/thread.html/r03c597a64de790ba42c167efacfa23300c3d6c9fe589ab87fe02859c@%3Cdev.tomcat.apache.org%3E

http://www.ubuntu.com/usn/USN-2130-1

https://web.archive.org/web/20161024220018/http://secunia.com/advisories/59724

https://web.archive.org/web/20161014054543/http://www-01.ibm.com/support/docview.wss?uid=swg21678231

http://secunia.com/advisories/59733

https://access.redhat.com/security/cve/CVE-2013-4286

http://secunia.com/advisories/59675

http://svn.apache.org/viewvc?view=revision&revision=1552565

https://lists.apache.org/thread.html/r03c597a64de790ba42c167efacfa23300c3d6c9fe589ab87fe02859c%40%3Cdev.tomcat.apache.org%3E

https://lists.apache.org/thread.html/39ae1f0bd5867c15755a6f959b271ade1aea04ccdc3b2e639dcd903b%40%3Cdev.tomcat.apache.org%3E

https://lists.apache.org/thread.html/b84ad1258a89de5c9c853c7f2d3ad77e5b8b2930be9e132d5cef6b95@%3Cdev.tomcat.apache.org%3E

https://lists.apache.org/thread.html/37220405a377c0182d2afdbc36461c4783b2930fbeae3a17f1333113%40%3Cdev.tomcat.apache.org%3E

http://www.debian.org/security/2016/dsa-3530

http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html

https://web.archive.org/web/20141230041748/http://seclists.org/fulldisclosure/2014/Dec/23

https://web.archive.org/web/20161024215453/http://secunia.com/advisories/59873

https://lists.apache.org/thread.html/r587e50b86c1a96ee301f751d50294072d142fd6dc08a8987ae9f3a9b@%3Cdev.tomcat.apache.org%3E

https://web.archive.org/web/20160317145515/http://www.securityfocus.com/archive/1/534161/100/0/threaded

http://secunia.com/advisories/59873

https://web.archive.org/web/20140804172142/http://secunia.com/advisories/59036

https://web.archive.org/web/20160729061926/http://www.securityfocus.com/bid/65773

http://secunia.com/advisories/59036

http://secunia.com/advisories/57675

http://tomcat.apache.org/security-6.html

http://advisories.mageia.org/MGASA-2014-0148.html

https://lists.apache.org/thread.html/b84ad1258a89de5c9c853c7f2d3ad77e5b8b2930be9e132d5cef6b95%40%3Cdev.tomcat.apache.org%3E

https://web.archive.org/web/20161024215804/http://secunia.com/advisories/59675

https://github.com/apache/tomcat/commit/7c040003f1387795356605566be7870cf70e05dc

https://lists.apache.org/thread.html/39ae1f0bd5867c15755a6f959b271ade1aea04ccdc3b2e639dcd903b@%3Cdev.tomcat.apache.org%3E

http://www-01.ibm.com/support/docview.wss?uid=swg21667883

http://www-01.ibm.com/support/docview.wss?uid=swg21678231

http://www.mandriva.com/security/advisories?name=MDVSA-2015:052

http://www-01.ibm.com/support/docview.wss?uid=swg21678113

http://marc.info/?l=bugtraq&m=141390017113542&w=2

http://rhn.redhat.com/errata/RHSA-2014-0344.html

https://github.com/apache/tomcat/commit/d0b3e252eb168fafbfb4c3efc16d4192fc8fad6c

http://www.securityfocus.com/archive/1/534161/100/0/threaded

https://github.com/apache/tomcat/commit/bcce3e4997a4ed06fe03e2517443f3ad8ade2dfa

https://github.com/apache/tomcat/commit/41b90b6ebc3e7f898a5a87d197ddf63790d33315

Do you need more information?

CVSS v4

Base Score:

6.3

Attack Vector

NETWORK

Attack Complexity

HIGH

Attack Requirements

NONE

Privileges Required

NONE

User Interaction

NONE

Vulnerable System Confidentiality

LOW

Vulnerable System Integrity

LOW

Vulnerable System Availability

NONE

Subsequent System Confidentiality

NONE

Subsequent System Integrity

NONE

Subsequent System Availability

NONE

CVSS v3

Base Score:

4.8

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality

LOW

Integrity

LOW

Availability

NONE

CVSS v2

Base Score:

5.8

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

NONE

Weakness Type (CWE)

Improper Input Validation

EPSS

Base Score:

27.07