SB2015021401 - Fedora 21 update for tomcat

CSH
CYBERSECURITY HELP
Sign In REGISTER

Main Vulnerability Database SB2015021401

SB2015021401 - Fedora 21 update for tomcat

Published: February 14, 2015 Updated: April 24, 2025

Security Bulletin ID SB2015021401
Severity
High
Patch available
YES
Number of vulnerabilities 4
Exploitation vector Remote access
Highest impact Data manipulation

Breakdown by Severity

High 25% Medium 75%
  • Low
  • Medium
  • High
  • Critical

Description

This security bulletin contains information about 4 secuirty vulnerabilities.


1) Integer overflow (CVE-ID: CVE-2014-0075)

The vulnerability allows a remote attacker to perform a denial of service attack.

The vulnerability exists due to integer overflow in the parseChunkHeader function in java/org/apache/coyote/http11/filters/ChunkedInputFilter.java in Apache Tomcat. A remote attacker can cause a denial of service (resource consumption) via a malformed chunk size in chunked transfer coding of a request during the streaming of data.


2) Permissions, Privileges, and Access Controls (CVE-ID: CVE-2014-0096)

The vulnerability allows a remote attacker to gain access to sensitive information.

The vulnerability exists due java/org/apache/catalina/servlets/DefaultServlet.java in the default servlet in Apache Tomcat does not properly restrict XSLT stylesheets. A remote attacker can bypass security-manager restrictions and read arbitrary files via a crafted web application that provides an XML external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue.


3) Integer overflow (CVE-ID: CVE-2014-0099)

The vulnerability allows a remote attacker to perform a HTTP request smuggling attack.

The vulnerability exists due to integer overflow in java/org/apache/tomcat/util/buf/Ascii.java in Apache Tomcat when operated behind a reverse proxy. A remote attacker can conduct HTTP request smuggling attack via a crafted Content-Length HTTP header.


4) Inconsistent interpretation of HTTP requests (CVE-ID: CVE-2014-0227)

The vulnerability allows a remote attacker to perform a HTTP request smuggling attack.

The vulnerability exists due to java/org/apache/coyote/http11/filters/ChunkedInputFilter.java in Apache Tomcat does not properly handle attempts to continue reading data after an error has occurred. A remote attacker can conduct HTTP request smuggling attacks or cause a denial of service (resource consumption) by streaming data with malformed chunked transfer coding.


Remediation

Install update from vendor's website.

References