7.5
CVSSv2

CVE-2014-0050

Published: 01/04/2014 Updated: 21/11/2024

Vulnerability Summary

MultipartStream.java in Apache Commons FileUpload prior to 1.3.1, as used in Apache Tomcat, JBoss Web, and other products, allows remote malicious users to cause a denial of service (infinite loop and CPU consumption) via a crafted Content-Type header that bypasses a loop's intended exit conditions.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

oracle retail applications 12.0

oracle retail applications 12.0in

oracle retail applications 13.0

oracle retail applications 13.1

oracle retail applications 13.2

oracle retail applications 13.3

oracle retail applications 13.4

oracle retail applications 14.0

apache commons fileupload

apache commons fileupload 1.0

apache commons fileupload 1.1

apache commons fileupload 1.1.1

apache commons fileupload 1.2

apache commons fileupload 1.2.1

apache commons fileupload 1.2.2

apache tomcat 7.0.0

apache tomcat 7.0.1

apache tomcat 7.0.2

apache tomcat 7.0.3

apache tomcat 7.0.4

apache tomcat 7.0.5

apache tomcat 7.0.6

apache tomcat 7.0.7

apache tomcat 7.0.8

apache tomcat 7.0.9

apache tomcat 7.0.10

apache tomcat 7.0.11

apache tomcat 7.0.12

apache tomcat 7.0.13

apache tomcat 7.0.14

apache tomcat 7.0.15

apache tomcat 7.0.16

apache tomcat 7.0.17

apache tomcat 7.0.18

apache tomcat 7.0.19

apache tomcat 7.0.20

apache tomcat 7.0.21

apache tomcat 7.0.22

apache tomcat 7.0.23

apache tomcat 7.0.24

apache tomcat 7.0.25

apache tomcat 7.0.26

apache tomcat 7.0.27

apache tomcat 7.0.28

apache tomcat 7.0.29

apache tomcat 7.0.30

apache tomcat 7.0.31

apache tomcat 7.0.32

apache tomcat 7.0.33

apache tomcat 7.0.34

apache tomcat 7.0.35

apache tomcat 7.0.36

apache tomcat 7.0.37

apache tomcat 7.0.38

apache tomcat 7.0.39

apache tomcat 7.0.40

apache tomcat 7.0.41

apache tomcat 7.0.42

apache tomcat 7.0.43

apache tomcat 7.0.44

apache tomcat 7.0.45

apache tomcat 7.0.46

apache tomcat 7.0.47

apache tomcat 7.0.48

apache tomcat 7.0.49

apache tomcat 7.0.50

apache tomcat 8.0.0

apache tomcat 8.0.1

Vendor Advisories

Several security issues were fixed in Tomcat ...
Debian Bug report logs - #707704 tomcat7: CVE-2013-2071 Package: tomcat7; Maintainer for tomcat7 is Debian Java Maintainers <pkg-java-maintainers@listsaliothdebianorg>; Source for tomcat7 is src:tomcat7 (PTS, buildd, popcon) Reported by: Moritz Muehlenhoff <jmm@inutilorg> Date: Fri, 10 May 2013 13:27:01 UTC Seve ...
Multiple security issues were found in the Tomcat servlet and JSP engine: CVE-2013-2067 FORM authentication associates the most recent request requiring authentication with the current session By repeatedly sending a request for an authenticated resource while the victim is completing the login form, an attacker could inject a req ...
It was discovered that the Apache Commons FileUpload package for Java could enter an infinite loop while processing a multipart request with a crafted Content-Type, resulting in a denial-of-service condition For the oldstable distribution (squeeze), this problem has been fixed in version 122-1+deb6u2 For the stable distribution (wheezy), this p ...
It was found that when Tomcat processed a series of HTTP requests in which at least one request contained either multiple content-length headers, or one content-length header with a chunked transfer-encoding header, Tomcat would incorrectly handle the request A remote attacker could use this flaw to poison a web cache, perform cross-site scripting ...
MultipartStreamjava in Apache Commons FileUpload before 131, as used in Apache Tomcat, JBoss Web, and other products, allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via a crafted Content-Type header that bypasses a loop's intended exit conditions ...

Exploits

################################################################################# # CVE-2014-0050 Apache Commons FileUpload and Apache Tomcat Denial-of-Service # # # # Author: Oren Hafif, Trustwave SpiderLabs Research # # This is a Proof of Concept code that was created for the sole purpose # # of assisting system admin ...

Github Repositories

Version based search for vulnerabilities in Jar files, using victims-cve-db database.

Victims CVE Database Version Search This script allows searching for vulnerabilities associated with specific versions of Java archives (jar files) using database provided by victims-cve-db For each jar file the version information is retrieved: Using Maven manifest (pomxml), if it does exist within jar Using version included into filename and filename as artifactId Using

CVE-2014-0050 Vulnerable site sample

cve-2014-0050 CVE-2014-0050 Vulnerable site sample This project aims to demonstrate the CVE-2014-0050 exploitation for educational purpose For more informations, see : wwwtrustwavecom/Resources/SpiderLabs-Blog/CVE-2014-0050--Exploit-with-Boundaries,-Loops-without-Boundaries/ githubcom/rapid7/metasploit-framework/blob/master/modules/auxiliary/dos/http/apache

Proof-Of-Concept FOR CVE 2014-0050