CVE-2014-0050

Published: 01/04/2014 Updated: 17/07/2021
CVSS v2 Base Score: 7.5 | Impact Score: 6.4 | Exploitability Score: 10
VMScore: 798
Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

Vulnerability Summary

MultipartStream.java in Apache Commons FileUpload prior to 1.3.1, as used in Apache Tomcat, JBoss Web, and other products, allows remote malicious users to cause a denial of service (infinite loop and CPU consumption) via a crafted Content-Type header that bypasses a loop's intended exit conditions.

Vulnerable Products

oracle retail applications 12.0

oracle retail applications 12.0in

oracle retail applications 13.2

oracle retail applications 13.3

oracle retail applications 13.4

oracle retail applications 14.0

oracle retail applications 13.0

oracle retail applications 13.1

apache tomcat 7.0.0

apache tomcat 7.0.14

apache tomcat 7.0.15

apache tomcat 7.0.21

apache tomcat 7.0.22

apache tomcat 7.0.29

apache tomcat 7.0.3

apache tomcat 7.0.36

apache tomcat 7.0.37

apache tomcat 7.0.43

apache tomcat 7.0.44

apache tomcat 7.0.50

apache tomcat 7.0.6

apache tomcat 8.0.0

apache commons fileupload 1.0

apache tomcat 7.0.10

apache tomcat 7.0.11

apache tomcat 7.0.19

apache tomcat 7.0.2

apache tomcat 7.0.25

apache tomcat 7.0.26

apache tomcat 7.0.32

apache tomcat 7.0.33

apache tomcat 7.0.4

apache tomcat 7.0.40

apache tomcat 7.0.47

apache tomcat 7.0.48

apache tomcat 7.0.9

apache commons fileupload 1.2

apache commons fileupload 1.2.1

apache tomcat 7.0.12

apache tomcat 7.0.13

apache tomcat 7.0.20

apache tomcat 7.0.27

apache tomcat 7.0.28

apache tomcat 7.0.34

apache tomcat 7.0.35

apache tomcat 7.0.41

apache tomcat 7.0.42

apache tomcat 7.0.49

apache tomcat 7.0.5

apache tomcat 8.0.1

apache commons fileupload 1.2.2

apache commons fileupload

apache tomcat 7.0.1

apache tomcat 7.0.16

apache tomcat 7.0.17

apache tomcat 7.0.18

apache tomcat 7.0.23

apache tomcat 7.0.24

apache tomcat 7.0.30

apache tomcat 7.0.31

apache tomcat 7.0.38

apache tomcat 7.0.39

apache tomcat 7.0.45

apache tomcat 7.0.46

apache tomcat 7.0.7

apache tomcat 7.0.8

apache commons fileupload 1.1

apache commons fileupload 1.1.1

Vendor Advisories

It was discovered that the Apache Commons FileUpload package for Java could enter an infinite loop while processing a multipart request with a crafted Content-Type, resulting in a denial-of-service condition. For the oldstable distribution (squeeze), this problem has been fixed in version 1.2.2-1+deb6u2. For the stable distribution (wheezy), this p ...
MultipartStream.java in Apache Commons FileUpload before 1.3.1, as used in Apache Tomcat, JBoss Web, and other products, allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via a crafted Content-Type header that bypasses a loop's intended exit conditions ...
Several security issues were fixed in Tomcat ...
Apache Commons Fileupload is shipped with IBM Tivoli Business Manager 620 as part of its web service infrastructure. Information about security vulnerabilities affecting Apache Commons Fileupload has been published in a security bulletin ...
Multiple security issues were found in the Tomcat servlet and JSP engine: CVE-2013-2067 FORM authentication associates the most recent request requiring authentication with the current session. By repeatedly sending a request for an authenticated resource while the victim is completing the login form, an attacker could inject a req ...
Debian Bug report logs - #707704 tomcat7: CVE-2013-2071. Package: tomcat7; Maintainer for tomcat7 is Debian Java Maintainers <pkg-java-maintainers@lists.alioth.debian.org>; Source for tomcat7 is src:tomcat7 (PTS, buildd, popcon). Reported by: Moritz Muehlenhoff <jmm@inutil.org>. Date: Fri, 10 May 2013 13:27:01 UTC. Seve ...
It was found that when Tomcat processed a series of HTTP requests in which at least one request contained either multiple content-length headers, or one content-length header with a chunked transfer-encoding header, Tomcat would incorrectly handle the request. A remote attacker could use this flaw to poison a web cache, perform cross-site scripting ...
Security Advisory ID: SYMSA1329. Initial Publication Date: 23 Jul 2015. Advisory Status: Open. Advisory Severity: High. CVSS Base Score: CVSS v2: 7.8. Legacy ID: SA100 ...
Oracle Critical Patch Update Advisory - April 2015. Description: A Critical Patch Update (CPU) is a collection of patches for multiple security vulnerabilities. Critical Patch Update patches are usually cumulative, but each advisory describes only the security fixes added since the previous Critical Patch Update advisory. Thus, prior Critical Patch ...
IBM Security Privileged Identity Manager has addressed the following security vulnerabilities ...
Oracle Critical Patch Update Advisory - January 2016. Description: A Critical Patch Update (CPU) is a collection of patches for multiple security vulnerabilities. Critical Patch Update patches are usually cumulative, but each advisory describes only the security fixes added since the previous Critical Patch Update advisory. Thus, prior Critical Pat ...
Oracle Critical Patch Update Advisory - October 2015. Description: A Critical Patch Update (CPU) is a collection of patches for multiple security vulnerabilities. Critical Patch Update patches are usually cumulative, but each advisory describes only the security fixes added since the previous Critical Patch Update advisory. Thus, prior Critical Patc ...
Oracle Critical Patch Update Advisory - October 2017. Description: A Critical Patch Update (CPU) is a collection of patches for multiple security vulnerabilities. Critical Patch Update patches are usually cumulative, but each advisory describes only the security fixes added since the ...
Oracle Critical Patch Update Advisory - January 2015. Description: A Critical Patch Update (CPU) is a collection of patches for multiple security vulnerabilities. Critical Patch Update patches are usually cumulative, but each advisory describes only the security fixes added since the previous Critical Patch Update advisor ...
IBM has announced a release for IBM Security Identity Governance and Intelligence (IGI) in response to multiple security vulnerabilities. There are multiple vulnerabilities fixes to open source libraries distributed with IGI, other less secure algorithms for crypto, xss attacks and click jacking attacks ...
Oracle Critical Patch Update Advisory - October 2016. Description: A Critical Patch Update (CPU) is a collection of patches for multiple security vulnerabilities. Critical Patch Update patches are usually cumulative, but each advisory describes only the security fixes added since the previou ...

Exploits

CVE-2014-0050 Apache Commons FileUpload and Apache Tomcat Denial-of-Service. Author: Oren Hafif, Trustwave SpiderLabs Research. This is a Proof of Concept code that was created for the sole purpose of assisting system admin ...

Metasploit Modules

Apache Commons FileUpload and Apache Tomcat DoS

This module triggers an infinite loop in Apache Commons FileUpload 1.0 through 1.3 via a specially crafted Content-Type header. Apache Tomcat 7 and Apache Tomcat 8 use a copy of FileUpload to handle mime-multipart requests, therefore, Apache Tomcat 7.0.0 through 7.0.50 and 8.0.0-RC1 through 8.0.1 are affected by this issue. Tomcat 6 also uses Commons FileUpload as part of the Manager application.

msf > use auxiliary/dos/http/apache_commons_fileupload_dos
msf auxiliary(apache_commons_fileupload_dos) > show actions
    ...actions...
msf auxiliary(apache_commons_fileupload_dos) > set ACTION <action-name>
msf auxiliary(apache_commons_fileupload_dos) > show options
    ...show and set options...
msf auxiliary(apache_commons_fileupload_dos) > run

Github Repositories

CVE-2014-0050 Vulnerable site sample

This project aims to demonstrate the CVE-2014-0050 exploitation for educational purpose. For more information, see: www.trustwave.com/Resources/SpiderLabs-Blog/CVE-2014-0050--Exploit-with-Boundaries,-Loops-without-Boundaries/ github.com/rapid7/metasploit-framework/blob/master/modules/auxiliary/dos/http/apache

Version based search for vulnerabilities in Jar files, using victims-cve-db database.

Victims CVE Database Version Search. This script allows searching for vulnerabilities associated with specific versions of Java archives (jar files) using database provided by victims-cve-db. For each jar file the version information is retrieved: Using Maven manifest (pom.xml), if it does exist within jar; Using version included into filename and filename as artifactId; Using

Maven Security Versions: Identify vulnerable libraries in Maven dependencies. The plugin is based on versions-maven-plugin. It uses the victims database as source for CVEs and Maven artifact mapping. Usage: > mvn com.redhat.victims.maven:security-versions:check [INFO] Scanning for projects [INFO] [INFO] -----------------------------------------------------------------

CDL: Classified Distributed Learning for Detecting Security Attacks in Containerized Applications. This contains the data of our paper. If you find this data useful in your research, please consider citing: @inproceedings{lin2020cdl, title={CDL: Classified Distributed Learning for Detecting Security Attacks in Containerized Applications}, author={Lin, Yuhang and Tunde-Onadele, O

CDL: Classified Distributed Learning for Detecting Security Attacks in Containerized Applications. This repository contains the data for the paper "CDL: Classified Distributed Learning for Detecting Security Attacks in Containerized Applications". This submitted artifact only consists of the data we used in section 3, which includes the raw traces (in text format, abou

Recent Articles

VMware Patches Apache Struts Flaws in vCOPS
Threatpost • Dennis Fisher • 25 Jun 2014

VMware has patched several serious security vulnerabilities in its vCenter Operations Center Management suite, one of which could lead to remote code execution on vulnerable machines.
All of the vulnerabilities that the company patched lie in the Apache Struts Java application framework, and the most serious of them is CVE-2014-0112, which allows an attacker to run arbitrary code.
“ParametersInterceptor in Apache Struts before 2.3.16.2 does not properly restrict access to the getCl...

References

CWE-264