CVE-2012-3544
Published: 2013-06-01
Priority: P4 · 29 · Severity: medium · CVSS 2.0 base score: 5.0
CVSS 2.0 vector: AV:N/AC:L/Au:N/C:N/I:N/A:P
EPSS: 11.00% (95.3rd percentile)
Apache Tomcat 6.x before 6.0.37 and 7.x before 7.0.30 does not properly handle chunk extensions in chunked transfer coding, which allows remote attackers to cause a denial of service by streaming data.
Affected
186 ranges (the page shows 25; only one carries version data, the rest are empty placeholder rows)
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| apache | tomcat | <= 6.0.37 | — |
CVSS provenance
| Source | CVSS version | Score | Severity | Vector |
|---|---|---|---|---|
| nvd | 2.0 | 5.0 | MEDIUM | AV:N/AC:L/Au:N/C:N/I:N/A:P |
| ghsa | — | 5.0 | MEDIUM | — |
| osv | — | 5.0 | MEDIUM | — |
| vendor_apache | — | 5.0 | MEDIUM | — |
| vendor_redhat | — | 5.0 | MEDIUM | — |
| vendor_ubuntu | — | 5.0 | MEDIUM | — |
OSV
Apache Tomcat Denial of Service vulnerability
osv · 2022-05-14 · CVSS 5.0 · CVE-2013-4322 [MEDIUM]
Apache Tomcat before 6.0.39, 7.x before 7.0.50, and 8.x before 8.0.0-RC10 processes chunked transfer coding without properly handling (1) a large total amount of chunked data or (2) whitespace characters in an HTTP header value within a trailer field, which allows remote attackers to cause a denial of service by streaming data. NOTE: this vulnerability exists because of an incomplete fix for CVE-2012-3544.
GHSA
Apache Tomcat Vulnerable to Denial of Service (DoS) via Improper Handling of chunk extensions
ghsa · 2022-05-14 · CVE-2012-3544 [MEDIUM] · CWE-20
Apache Tomcat 6.x before 6.0.37 and 7.x before 7.0.30 does not properly handle chunk extensions in chunked transfer coding, which allows remote attackers to cause a denial of service by streaming data.
OSV
Apache Tomcat Vulnerable to Denial of Service (DoS) via Improper Handling of chunk extensions
osv · 2022-05-14 · CVE-2012-3544 [MEDIUM]
Apache Tomcat 6.x before 6.0.37 and 7.x before 7.0.30 does not properly handle chunk extensions in chunked transfer coding, which allows remote attackers to cause a denial of service by streaming data.
GHSA
Apache Tomcat Denial of Service vulnerability
ghsa · 2022-05-14 · CVSS 5.0 · CVE-2013-4322 [MEDIUM] · CWE-400
Apache Tomcat before 6.0.39, 7.x before 7.0.50, and 8.x before 8.0.0-RC10 processes chunked transfer coding without properly handling (1) a large total amount of chunked data or (2) whitespace characters in an HTTP header value within a trailer field, which allows remote attackers to cause a denial of service by streaming data. NOTE: this vulnerability exists because of an incomplete fix for CVE-2012-3544.
OSV
CVE-2013-4322: Apache Tomcat before 6
osv · 2014-02-26 · CVSS 5.0 · CVE-2013-4322 [MEDIUM]
Apache Tomcat before 6.0.39, 7.x before 7.0.50, and 8.x before 8.0.0-RC10 processes chunked transfer coding without properly handling (1) a large total amount of chunked data or (2) whitespace characters in an HTTP header value within a trailer field, which allows remote attackers to cause a denial of service by streaming data. NOTE: this vulnerability exists because of an incomplete fix for CVE-2012-3544.
OSV
CVE-2012-3544: Apache Tomcat 6
osv · 2012-12-31 · CVSS 5.0 · CVE-2012-3544 [MEDIUM]
Apache Tomcat 6.x before 6.0.37 and 7.x before 7.0.30 does not properly handle chunk extensions in chunked transfer coding, which allows remote attackers to cause a denial of service by streaming data.
Red Hat
tomcat: incomplete fix for CVE-2012-3544
vendor_redhat · 2014-02-25 · CVSS 5.0 · CVE-2013-4322 [MEDIUM]
Apache Tomcat before 6.0.39, 7.x before 7.0.50, and 8.x before 8.0.0-RC10 processes chunked transfer coding without properly handling (1) a large total amount of chunked data or (2) whitespace characters in an HTTP header value within a trailer field, which allows remote attackers to cause a denial of service by streaming data. NOTE: this vulnerability exists because of an incomplete fix for CVE-2012-3544.
It was discovered that the fix for CVE-2012-3544 did not properly resolve a denial of service flaw in the way Tomcat and JBoss Web processed chunk extensions and trailing headers in chunked requests. A remote attacker could use this flaw to send an excessively long request that, when processed by Tomcat, could consume network bandwidth, CPU, and
Ubuntu
Tomcat vulnerabilities
vendor_ubuntu · 2013-05-28 · CVSS 5.0 · CVE-2012-3544 [MEDIUM]
Title: Tomcat vulnerabilities
Summary: Several security issues were fixed in Tomcat.
It was discovered that Tomcat incorrectly handled certain requests
submitted using chunked transfer encoding. A remote attacker could use this
flaw to cause the Tomcat server to stop responding, resulting in a denial
of service. This issue only affected Ubuntu 10.04 LTS and Ubuntu 12.04 LTS.
(CVE-2012-3544)
It was discovered that Tomcat incorrectly handled certain authentication
requests. A remote attacker could possibly use this flaw to inject a
request that would get executed with a victim's credentials. This issue
only affected Ubuntu 10.04 LTS, Ubuntu 12.04 LTS, and Ubuntu 12.10.
(CVE-2013-2067)
It was discovered that Tomcat sometimes exposed elements of a previous
request to the current request. T
Red Hat
tomcat: Limited DoS in chunked transfer encoding input filter
vendor_redhat · 2013-05-10 · CVSS 5.0 · CVE-2012-3544 [MEDIUM]
Apache Tomcat 6.x before 6.0.37 and 7.x before 7.0.30 does not properly handle chunk extensions in chunked transfer coding, which allows remote attackers to cause a denial of service by streaming data.
Statement: This flaw affects Apache Tomcat 6.0.30 - 6.0.36 and 7.0.0 - 7.0.29. It does not affect JBoss Web.
Package: tomcat5 (Red Hat Enterprise Linux 5) - Not affected
Package: tomcat6 (Red Hat Enterprise Linux 6) - Not affected
Package: jbossweb (Red Hat JBoss Enterprise Application Platform 6) - Not affected
Package: tomcat5 (Red Hat JBoss Enterprise Web Server 1) - Not affected
Package: tomcat6 (Red Hat JBoss Enterprise Web Server 1) - Will not fix
Apache
Apache tomcat: CVE-2012-3544
vendor_apache · CVSS 5.0 · CVE-2012-3544 [MEDIUM]
was not complete. It did not cover the following cases:
* chunk extensions were not limited
* whitespace after the : in a trailing header was not limited
This was fixed in revisions 1521834 and 1549522. The first part of this issue was identified by the Apache Tomcat security team on 27 August 2013 and the second part by Saran Neti of TELUS Security Labs on 5 November 2013. It was made public on 25 February 2014.
Affects: 8.0.0-RC1 to 8.0.0-RC5
Low: Information disclosure
Suricata
ET MALWARE Dooptroop CnC Beacon
suricata · 2012-01-10 · CVE-2011-3544
Rule: alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"ET MALWARE Dooptroop CnC Beacon"; flow:established,to_server; http.method; content:"GET"; http.uri; content:".php?num="; fast_pattern; content:"&rev="; distance:0; pcre:"/^\/[a-z]+\.php\?num=\d+&rev=/"; http.header_names; to_lowercase; content:!"|0d 0a|referer|0d 0a|"; reference:url,blog.eset.com/2012/03/17/drive-by-ftp-a-new-view-of-cve-2011-3544; classtype:command-and-control; sid:2014112; rev:7; metadata:attack_target Client_Endpoint, created_at 2012_01_10, deployment Perimeter, signature_severity Major, tag c2, updated_at 2024_04_20, mitre_tactic_id TA0010, mitre_tactic_name Exfiltration, mitre_technique_id T1041, mitre_technique_name Exfiltration_Over_C2_Channel;)
Suricata
ET MALWARE Dooptroop Dropper Checkin
suricata · 2011-04-07 · CVE-2011-3544
Rule: alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"ET MALWARE Dooptroop Dropper Checkin"; flow:established,to_server; http.method; content:"GET"; http.uri; content:"/nconfirm.php?"; fast_pattern; content:"rev="; distance:0; content:"code="; content:"param="; content:"num="; http.header_names; to_lowercase; content:!"|0d 0a|referer|0d 0a|"; reference:url,blog.eset.com/2012/03/17/drive-by-ftp-a-new-view-of-cve-2011-3544; classtype:command-and-control; sid:2013808; rev:6; metadata:created_at 2011_04_07, signature_severity Major, tag Description_Generated_By_Proofpoint_Nexus, updated_at 2024_04_20;)
No public exploits indexed.
Bugzilla
CVE-2013-4322 tomcat: incomplete fix for CVE-2012-3544
bugzilla · 2014-02-25 · CVSS 5.0 · CVE-2013-4322 [MEDIUM]
The fix for CVE-2012-3544 was not complete. It did not cover the following cases:
a) Chunk extensions were not limited
b) Whitespace after the : in a trailing header was not limited
This has been corrected in upstream versions 8.0.0-rc10 [1],[2], 7.0.50 [3],[4], and 6.0.39 [5]
[1] http://svn.apache.org/viewvc?view=revision&revision=1521834
[2] http://svn.apache.org/viewvc?view=revision&revision=1549522
[3] http://svn.apache.org/viewvc?view=revision&revision=1521864
[4] http://svn.apache.org/viewvc?view=revision&revision=1549523
[5] http://svn.apache.org/viewvc?view=revision&revision=1556540
This could lead to a remote attacker causing a denial of service by streaming data, because Tomcat did not fully handle chunk extensions in ch
Bugzilla
CVE-2012-3544 tomcat: Limited DoS in chunked transfer encoding input filter
bugzilla · 2013-05-10 · CVSS 5.0 · CVE-2012-3544 [MEDIUM]
A denial of service flaw was found in the way chunked transfer encoding input filter of Apache Tomcat, an Apache Servlet/JSP Engine, processed CRLF sequences at the end of data chunks in certain circumstances. When the chunked transfer encoding was enabled, a remote attacker could issue a specially-crafted request that, when processed would lead to (limited) denial of service of the Apache Tomcat server.
Relevant upstream patch:
* for Apache Tomcat 6.x:
http://svn.apache.org/viewvc?view=revision&revision=1476592
* for Apache Tomcat 7.x:
http://svn.apache.org/viewvc?view=rev&rev=1378702
http://svn.apache.org/viewvc?view=rev&rev=1378921
Discussion:
This issue did NOT affect the versions of the tomcat package, as
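To make the two gaps named in the advisories above concrete, here is an added Python model of a bounded chunked-transfer decoder. It is example code written for this page, not Tomcat's ChunkedInputFilter, and its limit values (MAX_EXTENSION_SIZE, MAX_TRAILER_SIZE, MAX_SWALLOW_SIZE, MAX_HEX_DIGITS) and sample bodies are assumptions constructed for illustration. It enforces the properties the fixes restored: chunk extensions are bounded, whitespace after the ':' in a trailer header counts against the trailer budget rather than being skipped for free, the total body size is capped before any data is read, and the CRLF after each chunk's data (the CVE-2012-3544 case in the Bugzilla entry above) is checked explicitly.

```python
import io

# Limits are illustrative assumptions for this example, not Tomcat's defaults.
MAX_HEX_DIGITS = 8                   # hex digits accepted in a chunk-size field
MAX_EXTENSION_SIZE = 256             # bytes of chunk extensions accepted per chunk
MAX_SIZE_LINE = MAX_HEX_DIGITS + 1 + MAX_EXTENSION_SIZE   # size ';' extensions
MAX_TRAILER_SIZE = 8192              # total bytes accepted for all trailer headers
MAX_SWALLOW_SIZE = 2 * 1024 * 1024   # total decoded body bytes accepted
HEX_DIGITS = b"0123456789abcdefABCDEF"


class ChunkedError(ValueError):
    """Raised when the chunked body is malformed or exceeds a limit."""


def _read_line(buf, limit, what):
    """Read one CRLF-terminated line, failing as soon as more than `limit`
    bytes (excluding CRLF) have arrived. Bounding the read itself, not just
    the stored result, is what stops a client from streaming an endless line."""
    line = bytearray()
    while True:
        b = buf.read(1)
        if not b:
            raise ChunkedError(f"unexpected end of stream in {what}")
        if b == b"\n":
            break
        line += b
        if len(line) > limit + 1:          # +1 allows for the trailing CR
            raise ChunkedError(f"{what} exceeds {limit} bytes")
    if not line.endswith(b"\r"):
        raise ChunkedError(f"{what} not terminated by CRLF")
    return bytes(line[:-1])


def _parse_size_line(line):
    """Parse 'hex-size[;extensions]'. Extensions are bounded by
    MAX_EXTENSION_SIZE, the case the original fix left unlimited."""
    size_part, sep, ext = line.partition(b";")
    if sep and len(ext) > MAX_EXTENSION_SIZE:
        raise ChunkedError("chunk extension too long")
    if not size_part or len(size_part) > MAX_HEX_DIGITS:
        raise ChunkedError("chunk-size field empty or too long")
    if any(c not in HEX_DIGITS for c in size_part):
        raise ChunkedError("chunk-size field is not hexadecimal")
    return int(size_part, 16)


def _parse_trailers(buf):
    """Read trailer headers after the last chunk. Every byte of every trailer
    line, including whitespace after the ':', counts toward MAX_TRAILER_SIZE;
    skipping that whitespace without counting it was the second gap."""
    trailers = {}
    consumed = 0
    while True:
        line = _read_line(buf, MAX_TRAILER_SIZE, "trailer header")
        consumed += len(line) + 2
        if consumed > MAX_TRAILER_SIZE:
            raise ChunkedError("trailer headers exceed limit")
        if not line:                       # empty line ends the trailer section
            return trailers
        name, sep, value = line.partition(b":")
        if not sep or not name.strip():
            raise ChunkedError("malformed trailer header")
        trailers[name.strip().lower()] = value.strip(b" \t")


def decode_chunked(data):
    """Decode a chunked request body. Returns (body, trailers) or raises
    ChunkedError; the CRLF after each chunk's data is checked explicitly."""
    buf = io.BytesIO(data)
    body = bytearray()
    while True:
        size = _parse_size_line(_read_line(buf, MAX_SIZE_LINE, "chunk-size line"))
        if size == 0:
            return bytes(body), _parse_trailers(buf)
        if len(body) + size > MAX_SWALLOW_SIZE:  # checked before any data is read
            raise ChunkedError("chunked body exceeds limit")
        chunk = buf.read(size)
        if len(chunk) != size:
            raise ChunkedError("truncated chunk data")
        body += chunk
        if buf.read(2) != b"\r\n":
            raise ChunkedError("chunk data not followed by CRLF")


def classify(data):
    """Return 'accepted' or 'rejected: <reason>' for a body (handy for tests)."""
    try:
        decode_chunked(data)
        return "accepted"
    except ChunkedError as exc:
        return f"rejected: {exc}"


# Constructed sample bodies for this example, not captured traffic.
VALID_BODY = b"4\r\nWiki\r\n5\r\npedia\r\n0\r\nX-Trailer: done\r\n\r\n"
LONG_EXTENSION = b"4;" + b"x" * 300 + b"\r\nWiki\r\n0\r\n\r\n"
LONG_TRAILER_WS = b"0\r\nX-Trailer:" + b" " * (MAX_TRAILER_SIZE + 1) + b"done\r\n\r\n"
OVERSIZED_CHUNK = b"300000\r\n"               # declares 3 MiB, above MAX_SWALLOW_SIZE
BAD_CRLF = b"4\r\nWikiXX\r\n0\r\n\r\n"          # chunk data not followed by CRLF

if __name__ == "__main__":
    for label, sample in [("valid", VALID_BODY), ("long extension", LONG_EXTENSION),
                          ("long trailer whitespace", LONG_TRAILER_WS),
                          ("oversized chunk", OVERSIZED_CHUNK), ("bad CRLF", BAD_CRLF)]:
        print(f"{label}: {classify(sample)}")
```

The design point is that every limit is applied while bytes are still being read, so a client streaming an over-long extension or trailer line is cut off at the limit instead of being buffered until memory or CPU is exhausted; that is the difference between the incomplete fix and the corrected one described in the entries above.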
Bugzilla
CVE-2013-2067 CVE-2012-3544 tomcat6 various flaws [fedora-all]
bugzilla · 2013-05-10 · CVSS 5.0 · CVE-2013-2067 [MEDIUM]
This is an automatically created tracking bug! It was created to ensure
that one or more security vulnerabilities are fixed in affected versions
of Fedora.
For comments that are specific to the vulnerability please use bugs filed
against the "Security Response" product referenced in the "Blocks" field.
For more information see:
http://fedoraproject.org/wiki/Security/TrackingBugs
When creating a Bodhi update request, please use the bodhi submission link
noted in the next comment(s). This will include the bug IDs of this
tracking bug as well as the relevant top-level CVE bugs.
Please also mention the CVE IDs being fixed in the RPM changelog and the
Bodhi notes field when available.
Please note: this issue affects multiple s
References
* http://archives.neohapsis.com/archives/bugtraq/2013-05/0042.html
* http://seclists.org/fulldisclosure/2014/Dec/23
* http://svn.apache.org/viewvc/tomcat/tc6.0.x/trunk/java/org/apache/coyote/http11/filters/ChunkedInputFilter.java?r1=1476592&r2=1476591&pathrev=1476592
* http://svn.apache.org/viewvc?view=revision&revision=1378702
* http://svn.apache.org/viewvc?view=revision&revision=1378921
* http://svn.apache.org/viewvc?view=revision&revision=1476592
* http://tomcat.apache.org/security-6.html
* http://tomcat.apache.org/security-7.html
* http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html
* http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html
* http://www.securityfocus.com/archive/1/534161/100/0/threaded
* http://www.securityfocus.com/bid/59797
* http://www.securityfocus.com/bid/64758
* http://www.ubuntu.com/usn/USN-1841-1
* http://www.vmware.com/security/advisories/VMSA-2014-0012.html
* https://lists.apache.org/thread.html/37220405a377c0182d2afdbc36461c4783b2930fbeae3a17f1333113%40%3Cdev.tomcat.apache.org%3E
* https://lists.apache.org/thread.html/39ae1f0bd5867c15755a6f959b271ade1aea04ccdc3b2e639dcd903b%40%3Cdev.tomcat.apache.org%3E
* https://lists.apache.org/thread.html/b84ad1258a89de5c9c853c7f2d3ad77e5b8b2930be9e132d5cef6b95%40%3Cdev.tomcat.apache.org%3E
* https://lists.apache.org/thread.html/b8a1bf18155b552dcf9a928ba808cbadad84c236d85eab3033662cfb%40%3Cdev.tomcat.apache.org%3E
* https://lists.apache.org/thread.html/r03c597a64de790ba42c167efacfa23300c3d6c9fe589ab87fe02859c%40%3Cdev.tomcat.apache.org%3E
* https://lists.apache.org/thread.html/r587e50b86c1a96ee301f751d50294072d142fd6dc08a8987ae9f3a9b%40%3Cdev.tomcat.apache.org%3E