7.8
HIGH

CVE-2014-0230

Published: 07/06/2015 Updated: 19/07/2018
CVSS v2 Base Score: 7.8 | Impact Score: 6.9 | Exploitability Score: 10

Vulnerability Summary

SUSE: CVE-2014-0230: SUSE Linux Security Advisory

Several security issues were fixed in Tomcat.

Apache Tomcat 6.x before 6.0.44, 7.x before 7.0.55, and 8.x before 8.0.9 does not properly handle cases where an HTTP response occurs before finishing the reading of an entire request body, which allows remote attackers to cause a denial of service (thread consumption) via a series of aborted upload attempts.

Updated tomcat6 and tomcat7 packages that fix two security issues are now available for Red Hat JBoss Web Server 2.1.0 on Red Hat Enterprise Linux 5, 6, and 7. Red Hat Product Security has rated this update as having Moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. Red Hat JBoss Web Server is a fully integrated and certified set of components for hosting Java web applications. It is comprised of the Apache HTTP Server, the Apache Tomcat Servlet container, Apache Tomcat Connector (mod_jk), JBoss HTTP Connector (mod_cluster), Hibernate, and the Tomcat Native library. It was found that the expression language resolver evaluated expressions within a privileged code section. A malicious web application could use this flaw to bypass security manager protections. (CVE-2014-7810) It was found that Tomcat would keep connections open after processing requests with a large enough request body. A remote attacker could potentially use this flaw to exhaust the pool of available connections and preventing further, legitimate connections to the Tomcat server to be made. (CVE-2014-0230) All users of Red Hat JBoss Web Server 2.1.0 as provided from the Red Hat Customer Portal are advised to apply this update. The Red Hat JBoss Web Server process must be restarted for the update to take effect.

Vector: AV:N/AC:L/Au:N/C:N/I:N/A:C
Access Complexity: LOW
Authentication: NONE
Access Vector: NETWORK
Confidentiality Impact: NONE
Integrity Impact: NONE
Availability Impact: COMPLETE

Affected Products

Vendor Product Versions
ApacheTomcat6.0.0, 6.0.1, 6.0.2, 6.0.3, 6.0.4, 6.0.5, 6.0.6, 6.0.7, 6.0.8, 6.0.9, 6.0.10, 6.0.11, 6.0.12, 6.0.13, 6.0.14, 6.0.15, 6.0.16, 6.0.17, 6.0.18, 6.0.19, 6.0.20, 6.0.24, 6.0.26, 6.0.27, 6.0.28, 6.0.29, 6.0.30, 6.0.31, 6.0.32, 6.0.33, 6.0.35, 6.0.36, 6.0.37, 6.0.39, 6.0.41, 6.0.43, 7.0.0, 7.0.1, 7.0.2, 7.0.3, 7.0.4, 7.0.5, 7.0.6, 7.0.7, 7.0.8, 7.0.9, 7.0.10, 7.0.11, 7.0.12, 7.0.13, 7.0.14, 7.0.15, 7.0.16, 7.0.17, 7.0.18, 7.0.19, 7.0.20, 7.0.21, 7.0.22, 7.0.23, 7.0.24, 7.0.25, 7.0.26, 7.0.27, 7.0.28, 7.0.29, 7.0.30, 7.0.31, 7.0.32, 7.0.33, 7.0.34, 7.0.35, 7.0.36, 7.0.37, 7.0.38, 7.0.39, 7.0.40, 7.0.41, 7.0.42, 7.0.43, 7.0.44, 7.0.45, 7.0.46, 7.0.47, 7.0.48, 7.0.49, 7.0.50, 7.0.52, 7.0.53, 7.0.54, 8.0.0, 8.0.1, 8.0.3, 8.0.5, 8.0.8
OracleVirtualization4.63, 4.71, 5.1

Vendor Advisories

Synopsis Moderate: Red Hat JBoss Web Server 302 security update Type/Severity Security Advisory: Moderate Topic Updated Red Hat JBoss Web Server 302 packages are now available for RedHat Enterprise Linux 6Red Hat Product Security has rated this update as having Moderate securityimpact Common Vulnerabi ...
Synopsis Moderate: Red Hat JBoss Web Server 302 security update Type/Severity Security Advisory: Moderate Topic Updated Red Hat JBoss Web Server 302 packages are now available for RedHat Enterprise Linux 7Red Hat Product Security has rated this update as having Moderate securityimpact Common Vulnerabi ...
Several security issues were fixed in Tomcat ...
Several security issues were fixed in Tomcat ...
It was found that the expression language resolver evaluated expressions within a privileged code section A malicious web application could use this flaw to bypass security manager protections (CVE-2014-7810 ) It was found that Tomcat would keep connections open after processing requests with a large enough request body A remote attacker could p ...
It was discovered that malicious web applications could use the Expression Language to bypass protections of a Security Manager as expressions were evaluated within a privileged code section For the oldstable distribution (wheezy), this problem has been fixed in version 7028-4+deb7u3 This update also provides fixes for CVE-2013-4444, CVE-2014-0 ...
Oracle Critical Patch Update Advisory - July 2015 Description A Critical Patch Update (CPU) is a collection of patches for multiple security vulnerabilities Critical Patch Update patches are usually cumulative, but each advisory describes only the security fixes added since the previous Critical Patch Update advisory Thus, prior Critical Patch U ...
Oracle Critical Patch Update Advisory - July 2018 Description A Critical Patch Update is a collection of patches for multiple security vulnerabilities Critical Patch Update patches are usually cumulative, but each advisory describes only the security fixes added since the previous C ...

References

CWE-399http://mail-archives.apache.org/mod_mbox/tomcat-announce/201505.mbox/%3C554949D1.8030904%40apache.org%3Ehttp://marc.info/?l=bugtraq&m=144498216801440&w=2http://marc.info/?l=bugtraq&m=145974991225029&w=2http://openwall.com/lists/oss-security/2015/04/10/1http://rhn.redhat.com/errata/RHSA-2015-1621.htmlhttp://rhn.redhat.com/errata/RHSA-2015-1622.htmlhttp://rhn.redhat.com/errata/RHSA-2015-2661.htmlhttp://rhn.redhat.com/errata/RHSA-2016-0595.htmlhttp://rhn.redhat.com/errata/RHSA-2016-0596.htmlhttp://rhn.redhat.com/errata/RHSA-2016-0597.htmlhttp://rhn.redhat.com/errata/RHSA-2016-0598.htmlhttp://rhn.redhat.com/errata/RHSA-2016-0599.htmlhttp://svn.apache.org/viewvc?view=revision&revision=1603770http://svn.apache.org/viewvc?view=revision&revision=1603775http://svn.apache.org/viewvc?view=revision&revision=1603779http://tomcat.apache.org/security-6.htmlhttp://tomcat.apache.org/security-7.htmlhttp://tomcat.apache.org/security-8.htmlhttp://www.debian.org/security/2016/dsa-3447http://www.debian.org/security/2016/dsa-3530http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.htmlhttp://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.htmlhttp://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.htmlhttp://www.securityfocus.com/bid/74475http://www.ubuntu.com/usn/USN-2654-1http://www.ubuntu.com/usn/USN-2655-1https://access.redhat.com/errata/RHSA-2015:2659https://access.redhat.com/errata/RHSA-2015:2660https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04851013https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05054964https://issues.jboss.org/browse/JWS-219https://issues.jboss.org/browse/JWS-220https://www.rapid7.com/db/vulnerabilities/suse-cve-2014-0230https://access.redhat.com/errata/RHSA-2015:2659https://nvd.nist.govhttps://usn.ubuntu.com/2655-1/https://www.rapid7.com/db/vulnerabilities/linuxrpm-RHSA-2015-1622