tomcat-users mailing list archives

From Mark Thomas <ma...@apache.org>
Subject Re: How can I analog this bug to my colleague
Date Fri, 22 Aug 2014 08:50:04 GMT
On 22/08/2014 03:31, 小咸鱼 wrote:
> I read an article on the internet that says that Tomcat was
> found to accept content-length headers with chunked encoding over any
> HTTP connector and multiple content-length headers in a request when
> using the AJP connector. This could allow attackers to poison a
> web-cache, bypass web application firewall protection, or conduct
> cross-site scripting attacks. The article is
> https://bugzilla.redhat.com/show_bug.cgi?id=1069921 so I want
> to know how I can produce this bug again to show the
> processor of the bug to my colleague. What should I do to
> produce the bug again? I am looking forward to your reply!
> Thanks a lot

This is CVE-2013-4286.

There is enough information in the vulnerability report [1] for a
competent security professional to understand how the issue occurs, how
to reproduce the issue and how to mitigate the issue.

This isn't hacker school. If you can't work out how to reproduce the
issue from the information available, the folks here aren't going to
provide you with an idiot-proof recipe that any script kiddie can then use.

If you want to recreate this issue you are going to have to do some more
research based on the information you already have until you understand
the issue well enough to be able to recreate it. I suggest you start
looking into security vulnerabilities involving multiple content length
headers.

Mark


[1] http://markmail.org/message/yvxny4p2lwhfzha7
>
> wangchao 2014/08/22
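
A defensive check for the two conditions named in the quoted report (Content-Length sent together with chunked encoding, and more than one Content-Length value in a request), as an added example that is not part of the original message or of Tomcat's code. The function name, finding labels and sample requests are constructed for illustration.

```python
# Added example: flag ambiguous body framing in a raw HTTP/1.1 request head.
# framing_findings() and its labels are hypothetical names, not a Tomcat API.

def framing_findings(raw_request: bytes) -> list[str]:
    """Return reasons the request framing is ambiguous (empty list = clean)."""
    head = raw_request.split(b"\r\n\r\n", 1)[0]
    header_lines = head.split(b"\r\n")[1:]  # skip the request line
    lengths, encodings = [], []
    for line in header_lines:
        name, sep, value = line.partition(b":")
        if not sep:
            continue  # not a header field
        key = name.strip().lower()
        if key == b"content-length":
            # One header line may itself carry a comma-separated list.
            lengths += [v.strip() for v in value.split(b",")]
        elif key == b"transfer-encoding":
            encodings += [v.strip().lower() for v in value.split(b",")]
    findings = []
    if any(not v.isdigit() for v in lengths):
        findings.append("invalid-content-length")
    if len(lengths) > 1:
        # Conservative: repeated values are flagged even when they are identical.
        findings.append("multiple-content-length")
    if lengths and b"chunked" in encodings:
        findings.append("content-length-with-chunked")
    return findings

# Constructed sample requests (host and path are placeholders).
CLEAN = (b"POST /app HTTP/1.1\r\nHost: example.test\r\n"
         b"Content-Length: 5\r\n\r\nhello")
BOTH = (b"POST /app HTTP/1.1\r\nHost: example.test\r\n"
        b"Content-Length: 5\r\nTransfer-Encoding: chunked\r\n\r\n")
DUPLICATE = (b"POST /app HTTP/1.1\r\nHost: example.test\r\n"
             b"Content-Length: 5\r\nContent-Length: 11\r\n\r\n")

if __name__ == "__main__":
    for label, req in (("clean", CLEAN), ("both", BOTH), ("duplicate", DUPLICATE)):
        print(label, framing_findings(req))
```

A front-end proxy, WAF rule or log pipeline can reject or alert on any request for which this returns a non-empty list, so that every hop agrees on where the request body ends.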

