CVSS: 7.8EPSS: 7%CPEs: 114EXPL: 0CVE-2014-0230 – tomcat: non-persistent DoS attack by feeding data by aborting an upload
https://notcve.org/view.php?id=CVE-2014-0230
Apache Tomcat 6.x before 6.0.44, 7.x before 7.0.55, and 8.x before 8.0.9 does not properly handle cases where an HTTP response occurs before finishing the reading of an entire request body, which allows remote attackers to cause a denial of service (thread consumption) via a series of aborted upload attempts. Apache Tomcat 6.x en versiones anteriores a 6.0.44, 7.x en versiones anteriores a 7.0.55 y 8.x en versiones anteriores a 8.0.9 no maneja adecuadamente los casos en los que se produce una respuesta HTTP antes de terminar la lectura de una petición de cuerpo entero, lo que permite a atacantes remotos causar una denegación de servicio (consumo de hilo) a través de una serie de intentos de carga abortada. It was found that Tomcat would keep connections open after processing requests with a large enough request body. A remote attacker could potentially use this flaw to exhaust the pool of available connections and preventing further, legitimate connections to the Tomcat server to be made. • http://mail-archives.apache.org/mod_mbox/tomcat-announce/201505.mbox/%3C554949D1.8030904%40apache.org%3E http://marc.info/?l=bugtraq&m=144498216801440&w=2 http://marc.info/?l=bugtraq&m=145974991225029&w=2 http://openwall.com/lists/oss-security/2015/04/10/1 http://rhn.redhat.com/errata/RHSA-2015-1621.html http://rhn.redhat.com/errata/RHSA-2015-1622.html http://rhn.redhat.com/errata/RHSA-2015-2661.html http://rhn.redhat.com/errata/RHSA-2016-0595.html http:/ • CWE-399: Resource Management Errors CWE-770: Allocation of Resources Without Limits or Throttling •
CVSS: 4.3EPSS: 0%CPEs: 109EXPL: 0CVE-2014-0119 – Tomcat/JBossWeb: XML parser hijack by malicious web application
https://notcve.org/view.php?id=CVE-2014-0119
Apache Tomcat before 6.0.40, 7.x before 7.0.54, and 8.x before 8.0.6 does not properly constrain the class loader that accesses the XML parser used with an XSLT stylesheet, which allows remote attackers to (1) read arbitrary files via a crafted web application that provides an XML external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue, or (2) read files associated with different web applications on a single Tomcat instance via a crafted web application. Apache Tomcat anterior a 6.0.40, 7.x anterior a 7.0.54 y 8.x anterior a 8.0.6 no restringe debidamente el cargador de clase que accede al analizador XML utilizado con una hoja de estilo XSLT, lo que permite a atacantes remotos (1) leer archivos arbitrarios a través de una aplicación web manipulada que proporciona una declaración de entidad externa XML en conjunto con una referencia de entidad, relacionado con un problema de entidad externa XML (XXE) o (2) leer archivos asociados con aplicaciones web diferentes en una instancia Tomcat única a través de una aplicación web manipulada. It was found that, in certain circumstances, it was possible for a malicious web application to replace the XML parsers used by JBoss Web / Apache Tomcat to process XSLTs for the default servlet, JSP documents, tag library descriptors (TLDs), and tag plug-in configuration files. The injected XML parser(s) could then bypass the limits imposed on XML external entities and/or gain access to the XML files processed for other web applications deployed on the same JBoss Web / Apache Tomcat instance. • http://advisories.mageia.org/MGASA-2014-0268.html http://marc.info/?l=bugtraq&m=141017844705317&w=2 http://marc.info/?l=bugtraq&m=144498216801440&w=2 http://rhn.redhat.com/errata/RHSA-2015-0675.html http://rhn.redhat.com/errata/RHSA-2015-0720.html http://rhn.redhat.com/errata/RHSA-2015-0765.html http://seclists.org/fulldisclosure/2014/Dec/23 http://seclists.org/fulldisclosure/2014/May/141 http://secunia.com/advisories/59732 http://secunia.com/advisories/59873 • CWE-264: Permissions, Privileges, and Access Controls CWE-470: Use of Externally-Controlled Input to Select Classes or Code ('Unsafe Reflection') •