#VU32708 Input validation error in Apache Tomcat - CVE-2013-0338
Vulnerability identifier: #VU32708
Vulnerability risk: Medium
CVSSv4.0: 2.7 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID:
CWE-ID:
CWE-20
Exploitation vector: Network
Exploit availability: No
Vulnerable software:
Apache Tomcat
Server applications /
Web servers
Vendor: Apache Foundation
Description
The vulnerability allows context-dependent attackers to perform a denial of service (DoS) attack.
The vulnerability exists due to insufficient validation of user-supplied input. A remote attacker can cause a denial of service (CPU and memory consumption) via an XML file containing an entity declaration with long replacement text and many references to this entity, aka "internal entity expansion" with linear complexity.
Mitigation
Install update from vendor's website.
Vulnerable software versions
Apache Tomcat: 6.0.19
External links
https://lists.opensuse.org/opensuse-security-announce/2013-11/msg00002.html
https://lists.opensuse.org/opensuse-updates/2013-03/msg00112.html
https://lists.opensuse.org/opensuse-updates/2013-03/msg00114.html
https://marc.info/?l=bugtraq&m=142798889927587&w=2
https://secunia.com/advisories/52662
https://secunia.com/advisories/55568
https://www.debian.org/security/2013/dsa-2652
https://www.mandriva.com/security/advisories?name=MDVSA-2013:056
https://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html
https://www.ubuntu.com/usn/USN-1782-1
https://bugzilla.redhat.com/show_bug.cgi?id=912400
https://git.gnome.org/browse/libxml2/commit/?id=23f05e0c33987d6605387b300c4be5da2120a7ab
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
