SecurityTracker.com
    Home    |    View Topics    |    Search    |    Contact Us    |   

SecurityTracker
Archives


 


Category:   Application (Web Server/CGI)  >   Apache Tomcat Vendors:   Apache Software Foundation
Apache Tomcat Connection Processing Bug Lets Remote Users Deny Service
SecurityTracker Alert ID:  1027836
SecurityTracker URL:  http://securitytracker.com/id/1027836
CVE Reference:   CVE-2012-4534   (Links to External Site)
Date:  Dec 5 2012
Impact:   Denial of service via network
Fix Available:  Yes  Vendor Confirmed:  Yes  
Version(s): 6.0.0 to 6.0.35, 7.0.0 to 7.0.27
Description:   A vulnerability was reported in Apache Tomcat. A remote user can cause denial of service conditions.

A remote user can break the connection while reading the response to cause the target system to enter an infinite loop.

Systems using the NIO connector with sendfile and HTTPS enabled are affected.

Arun Neelicattu of the Red Hat Security Response Team reported this vulnerability.
Impact:   A remote user can the system to enter an infinite loop.
Solution:   The vendor has issued a fix (6.0.36, 7.0.28).

The vendor's advisory is available at:

http://tomcat.apache.org/security-7.html
Vendor URL:  tomcat.apache.org/ (Links to External Site)
Cause:   State error
Underlying OS:  Linux (Any), UNIX (Any), Windows (Any)

Message History:   This archive entry has one or more follow-up message(s) listed below.
Dec 14 2012 (Oracle Issues Fix for Oracle Health Sciences LabPas) Apache Tomcat Connection Processing Bug Lets Remote Users Deny Service
Oracle has issued a fix for Oracle Health Sciences LabPas.
Feb 20 2013 (Red Hat Issues Fix) Apache Tomcat Connection Processing Bug Lets Remote Users Deny Service
Red Hat has issued a fix for JBoss Enterprise Web Server.
Feb 20 2013 (Red Hat Issues Fix) Apache Tomcat Connection Processing Bug Lets Remote Users Deny Service
Red Hat has issued a fix for JBoss Enterprise Web Server for Red Hat Enterprise Linux 5 and 6.
Feb 20 2013 (Oracle Issues Fix for Solaris) Apache Tomcat Connection Processing Bug Lets Remote Users Deny Service
Oracle has issued a fix for Solaris 11.1.
Apr 30 2013 (HP Issues Fix for HP Service Manager) Apache Tomcat Connection Processing Bug Lets Remote Users Deny Service
HP has issued a fix for HP Service Manager.
Apr 3 2014 (Oracle Issues Fix for Solaris) Apache Tomcat Connection Processing Bug Lets Remote Users Deny Service
Oracle has issued a fix for Solaris 9, 10, and 11.1.


 Source Message Contents
Subject:  [Full-disclosure] CVE-2012-4534 Apache Tomcat denial of service

CVE-2012-4534 Apache Tomcat denial of service

Severity: Important

Vendor: The Apache Software Foundation

Versions Affected:
- Tomcat 7.0.0 to 7.0.27
- Tomcat 6.0.0 to 6.0.35

Description:
When using the NIO connector with sendfile and HTTPS enabled, if a
client breaks the connection while reading the response an infinite loop
is entered leading to a denial of service. This was originally reported
as https://issues.apache.org/bugzilla/show_bug.cgi?id=52858.

Mitigation:
Users of affected versions should apply one of the following mitigations:
- Tomcat 7.0.x users should upgrade to 7.0.28 or later
- Tomcat 6.0.x users should upgrade to 6.0.36 or later

Credit:
The security implications of this bug were identified by Arun Neelicattu
of the Red Hat Security Response Team.

References:
http://tomcat.apache.org/security.html
http://tomcat.apache.org/security-7.html
http://tomcat.apache.org/security-6.html

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/


Go to the Top of This SecurityTracker Archive Page



Home   |    View Topics   |    Search   |    Contact Us

This web site uses cookies for web analytics. Learn More

Copyright 2021, SecurityGlobal.net LLC