PublicDateAtUSN: 2014-05-31
Candidate: CVE-2014-0099
PublicDate: 2014-05-31 11:17:00 UTC
References:
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0099
 https://ubuntu.com/security/notices/USN-2302-1
Description:
 Integer overflow in java/org/apache/tomcat/util/buf/Ascii.java in Apache
 Tomcat before 6.0.40, 7.x before 7.0.53, and 8.x before 8.0.4, when operated
 behind a reverse proxy, allows remote attackers to conduct HTTP request
 smuggling attacks via a crafted Content-Length HTTP header.
Ubuntu-Description:
 It was discovered that Tomcat incorrectly handled certain Content-Length
 headers. A remote attacker could use this flaw in configurations where
 Tomcat is behind a reverse proxy to perform HTTP request smuggling attacks.
Notes:
Bugs:
Priority: medium
Discovered-by:
Assigned-to: mdeslaur
CVSS:

Patches_tomcat6:
 upstream: http://svn.apache.org/viewvc?view=revision&revision=1580473
upstream_tomcat6: released (6.0.41-1)
lucid_tomcat6: released (6.0.24-2ubuntu1.16)
precise_tomcat6: released (6.0.35-1ubuntu3.5)
precise/esm_tomcat6: released (6.0.35-1ubuntu3.5)
saucy_tomcat6: ignored (reached end-of-life)
trusty_tomcat6: released (6.0.39-1ubuntu0.1)
trusty/esm_tomcat6: released (6.0.39-1ubuntu0.1)
utopic_tomcat6: not-affected (6.0.41-1)
vivid_tomcat6: not-affected (6.0.41-1)
vivid/stable-phone-overlay_tomcat6: DNE
vivid/ubuntu-core_tomcat6: DNE
wily_tomcat6: not-affected (6.0.41-1)
xenial_tomcat6: not-affected (6.0.41-1)
yakkety_tomcat6: DNE
zesty_tomcat6: DNE
artful_tomcat6: DNE
bionic_tomcat6: DNE
devel_tomcat6: DNE

Patches_tomcat7:
 upstream: http://svn.apache.org/viewvc?view=revision&revision=1578814
upstream_tomcat7: released (7.0.53-1)
lucid_tomcat7: DNE
precise_tomcat7: ignored (reached end-of-life)
precise/esm_tomcat7: DNE (precise was needed)
saucy_tomcat7: ignored (reached end-of-life)
trusty_tomcat7: released (7.0.52-1ubuntu0.1)
trusty/esm_tomcat7: released (7.0.52-1ubuntu0.1)
utopic_tomcat7: not-affected (7.0.53-1)
vivid_tomcat7: not-affected (7.0.53-1)
vivid/stable-phone-overlay_tomcat7: DNE
vivid/ubuntu-core_tomcat7: DNE
wily_tomcat7: not-affected (7.0.53-1)
xenial_tomcat7: not-affected (7.0.53-1)
yakkety_tomcat7: not-affected (7.0.53-1)
zesty_tomcat7: not-affected (7.0.53-1)
artful_tomcat7: not-affected (7.0.53-1)
bionic_tomcat7: not-affected (7.0.53-1)
devel_tomcat7: not-affected (7.0.53-1)

Patches_tomcat8:
upstream_tomcat8: released (8.0.5-1)
lucid_tomcat8: DNE
precise_tomcat8: DNE
precise/esm_tomcat8: DNE
saucy_tomcat8: DNE
trusty_tomcat8: DNE
trusty/esm_tomcat8: DNE
utopic_tomcat8: not-affected (8.0.9-1)
vivid_tomcat8: not-affected (8.0.9-1)
vivid/stable-phone-overlay_tomcat8: DNE
vivid/ubuntu-core_tomcat8: DNE
wily_tomcat8: not-affected (8.0.9-1)
xenial_tomcat8: not-affected (8.0.9-1)
esm-infra/xenial_tomcat8: not-affected (8.0.9-1)
yakkety_tomcat8: not-affected (8.0.9-1)
zesty_tomcat8: not-affected (8.0.9-1)
artful_tomcat8: not-affected (8.0.9-1)
bionic_tomcat8: not-affected (8.0.9-1)
devel_tomcat8: not-affected (8.0.9-1)
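The Description above names the bug class (integer overflow while parsing Content-Length) and its consequence (request smuggling when Tomcat sits behind a reverse proxy) without showing the mechanism. The following is an added example, not Tomcat's Ascii.java and not part of the tracker record: it models the generic vulnerable pattern, a digit-accumulating parser on a wrapping 64-bit signed integer (the semantics of a Java `long`), next to an overflow-checked parser, and shows how the two attribute different byte ranges to the same request. The request bytes and all function names are constructed for this illustration; the exact code paths in Tomcat are not reproduced here.

```python
"""Model of the Content-Length integer-overflow class behind CVE-2014-0099.

Added illustration, not Tomcat code. Models a digit-accumulating parser on a
wrapping 64-bit signed integer (Java `long` semantics) beside an
overflow-checked one. Sample bytes are constructed for the example.
"""
from typing import Callable, Optional

INT64_MAX = (1 << 63) - 1
MOD64 = 1 << 64


def wrap_s64(x: int) -> int:
    """Reduce x to the two's-complement range of a 64-bit signed integer."""
    x %= MOD64
    return x - MOD64 if x > INT64_MAX else x


def parse_content_length_unchecked(value: bytes) -> int:
    """Vulnerable pattern: accumulate digits with wrapping arithmetic.

    A long enough digit string silently wraps to a small or negative value
    instead of being rejected.
    """
    if not value.isdigit():
        raise ValueError("Content-Length is not a decimal integer")
    n = 0
    for b in value:
        n = wrap_s64(n * 10 + (b - 0x30))
    return n


def parse_content_length_checked(value: bytes) -> int:
    """Hardened pattern: same loop, but leaving the 64-bit range is an error."""
    if not value.isdigit():
        raise ValueError("Content-Length is not a decimal integer")
    n = 0
    for b in value:
        n = n * 10 + (b - 0x30)
        if n > INT64_MAX:
            raise ValueError("Content-Length overflows a 64-bit signed integer")
    return n


def rejects(parse: Callable[[bytes], int], value: bytes) -> bool:
    """True when `parse` refuses `value` with ValueError."""
    try:
        parse(value)
    except ValueError:
        return True
    return False


def wrapping_header_value(target: int) -> bytes:
    """Decimal string (2**64 + target) that the unchecked parser reduces to `target`."""
    if not 0 <= target <= INT64_MAX:
        raise ValueError("target must be a non-negative 64-bit signed integer")
    return str(MOD64 + target).encode("ascii")


def frame_body(stream: bytes, header_value: bytes,
               parse: Callable[[bytes], int]) -> Optional[bytes]:
    """Body bytes a parser attributes to the current request.

    None means the parser rejected the header (or produced a negative
    length), which is what a correct implementation should do.
    """
    try:
        n = parse(header_value)
    except ValueError:
        return None
    if n < 0:
        return None
    return stream[:n]


def framing_disagreement(stream: bytes, header_value: bytes) -> dict:
    """Compare how the two parsers split `stream` for one Content-Length value.

    When the checked parser rejects the request but the unchecked one
    consumes only a prefix, the bytes after that prefix are what an
    unchecked back end reads as the start of the next request: the
    front-end/back-end desync that request smuggling relies on.
    """
    checked = frame_body(stream, header_value, parse_content_length_checked)
    unchecked = frame_body(stream, header_value, parse_content_length_unchecked)
    leftover = None if unchecked is None else stream[len(unchecked):]
    return {"checked": checked, "unchecked": unchecked, "leftover": leftover}


if __name__ == "__main__":
    # Constructed sample: a 10-byte body followed by bytes that an unchecked
    # back end would parse as a second request on the same connection.
    header = wrapping_header_value(10)  # b"18446744073709551626"
    stream = b"0123456789GET /second HTTP/1.1\r\nHost: example.test\r\n\r\n"
    result = framing_disagreement(stream, header)
    print("header value:", header.decode())
    print("checked parser:", result["checked"])
    print("unchecked parser:", result["unchecked"])
    print("left in the connection:", result["leftover"])
```

The practical check this suggests for any proxy/back-end pair is to send a Content-Length value of 20 or more digits and confirm that both components reject it rather than one of them accepting a wrapped value; the Ubuntu package versions listed under Patches_* above are the ones where Tomcat's parser no longer accepts such a header.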