CVE-2013-4286

Name: CVE-2013-4286
Description: Apache Tomcat before 6.0.39, 7.x before 7.0.47, and 8.x before 8.0.0-RC3, when an HTTP connector or AJP connector is used, does not properly handle certain inconsistent HTTP request headers, which allows remote attackers to trigger incorrect identification of a request's length and conduct request-smuggling attacks via (1) multiple Content-Length headers or (2) a Content-Length header and a "Transfer-Encoding: chunked" header. NOTE: this vulnerability exists because of an incomplete fix for CVE-2005-2090.
Source: CVE (at NVD; CERT, LWN, oss-sec, fulldisc, Red Hat, Ubuntu, Gentoo, SUSE bugzilla/CVE, GitHub advisories/code/issues, web search, more)
References: DLA-91-1, DSA-2897-1, DSA-3530-1

The information below is based on the following data on fixed versions.

Package   Type     Release      Fixed Version          Urgency   Origin       Debian Bugs
tomcat6   source   squeeze      6.0.41-2+squeeze5                DLA-91-1
tomcat6   source   wheezy       6.0.45+dfsg-1~deb7u1             DSA-3530-1
tomcat6   source   (unstable)   6.0.39
tomcat7   source   wheezy       7.0.28-4+deb7u1                  DSA-2897-1
tomcat7   source   (unstable)   7.0.47
tomcat8   source   (unstable)   8.0.0