Apache Tomcat CVE-2013-4322 Incomplete Fix Denial of Service Vulnerability

Bugtraq ID: 65767
Class: Failure to Handle Exceptional Conditions
CVE: CVE-2013-4322
Remote: Yes
Local: No
Published: Dec 26 2013 12:00AM
Updated: Oct 26 2016 07:12AM
Credit: Apache Tomcat security team and Saran Neti of TELUS Security Labs.
Vulnerable:
VMware vCenter Server 5.5
VMware vCenter Server 5.1
VMware vCenter Server 5.0
Ubuntu Ubuntu Linux 13.10
Ubuntu Ubuntu Linux 12.10
Ubuntu Ubuntu Linux 12.04 LTS
Ubuntu Ubuntu Linux 10.04.LTS
Redhat JBoss Enterprise Web Server EL6 2.0
Redhat JBoss Enterprise Web Server EL5 2.0
Redhat Enterprise Linux Workstation Optional 6
Redhat Enterprise Linux Workstation 7
Redhat Enterprise Linux Workstation 6
Redhat Enterprise Linux Server Optional 6
Redhat Enterprise Linux Server EUS 6.5.z
Redhat Enterprise Linux Server AUS 6.5
Redhat Enterprise Linux Server 7
Redhat Enterprise Linux Server 6
Redhat Enterprise Linux HPC Node Optional 6
Redhat Enterprise Linux HPC Node 7
Redhat Enterprise Linux HPC Node 6
Redhat Enterprise Linux Desktop Optional 6
Redhat Enterprise Linux Desktop 7
Redhat Enterprise Linux Desktop 6
Oracle Enterprise Linux 7
Oracle Enterprise Linux 6.2
Oracle Enterprise Linux 6
Oracle Communications Policy Management 12.1.1
Oracle Communications Policy Management 10.4.1
Oracle Communications Policy Management 9.9.1
Oracle Communications Policy Management 9.7.3
Mandriva Business Server 1 X86 64
Mandriva Business Server 1
Juniper Security Threat Response Manager 2013.2
Juniper Secure Analytics 2013.2
IBM WebSphere Message Broker for z/OS 8.0
IBM WebSphere Message Broker 8.0
IBM WebSphere Message Broker 7.0.0
IBM WebSphere Application Server Community Edition 3.0.0.4
IBM WebSphere Application Server Community Edition 2.1.1.6
IBM UrbanCode Release 6.0.1
IBM UrbanCode Release 6.0.1.3
IBM UrbanCode Release 6.0.1.2
IBM UrbanCode Release 6.0.1.1
IBM UrbanCode Release 6.0.0.1
IBM UrbanCode Release 6.0
IBM Tivoli Application Dependency Discovery Manager 7.2.2
IBM Tivoli Application Dependency Discovery Manager 7.2.1
IBM Tivoli Application Dependency Discovery Manager 7.2.0
IBM Tivoli Application Dependency Discovery Manager 7.1.2
IBM Storwize V7000 Unified 1.4.3 2
IBM Storwize V7000 Unified 1.4 1
IBM Storwize V7000 Unified 1.4 0
IBM Storwize V7000 Unified 1.3.2 3
IBM Storwize V7000 Unified 1.3.2 1
IBM Storwize V7000 Unified 1.3.2 0
IBM Storwize V7000 Unified 1.4.3.0
IBM Storwize V7000 Unified 1.4.2.1
IBM Storwize V7000 Unified 1.4.2.0
IBM Storwize V7000 Unified 1.4.1.1
IBM Storwize V7000 Unified 1.4.1.0
IBM Storwize V7000 Unified 1.3.1.0
IBM Storwize V7000 Unified 1.3.0.5
IBM Storwize V7000 Unified 1.3.0.0
IBM Storwize V7000 7.3
IBM Storwize V7000 7.2
IBM Storwize V7000 7.1
IBM Storwize V7000 6.4
IBM Storwize V7000 6.3
IBM Storwize V7000 6.2
IBM Storwize V7000 6.1
IBM Storwize V5000 7.3
IBM Storwize V5000 7.2
IBM Storwize V5000 7.1
IBM Storwize V5000 6.4
IBM Storwize V5000 6.3
IBM Storwize V5000 6.2
IBM Storwize V5000 6.1
IBM Storwize V3700 7.3
IBM Storwize V3700 7.2
IBM Storwize V3700 7.1
IBM Storwize V3700 6.4
IBM Storwize V3700 6.3
IBM Storwize V3700 6.2
IBM Storwize V3700 6.1
IBM Storwize V3500 7.3
IBM Storwize V3500 7.2
IBM Storwize V3500 7.1
IBM Storwize V3500 6.4
IBM Storwize V3500 6.3
IBM Storwize V3500 6.2
IBM Storwize V3500 6.1
IBM SOAP Gateway component of the IMS Enterprise Suite 3.1
IBM SOAP Gateway component of the IMS Enterprise Suite 2.2
IBM Security AppScan Enterprise 9.0 0
IBM Security AppScan Enterprise 8.8
IBM Security AppScan Enterprise 8.7
IBM Security AppScan Enterprise 8.6
IBM Security AppScan Enterprise 8.5
IBM Scale Out Network Attached Storage 1.3.2 1-21
IBM Scale Out Network Attached Storage 1.3.2 1-20
IBM Scale Out Network Attached Storage 1.3.2
IBM Scale Out Network Attached Storage 1.3.1
IBM Scale Out Network Attached Storage 1.4.3.2
IBM Scale Out Network Attached Storage 1.4.3.1
IBM Scale Out Network Attached Storage 1.4.3.0
IBM Scale Out Network Attached Storage 1.4.2.1
IBM Scale Out Network Attached Storage 1.4.2.0
IBM Scale Out Network Attached Storage 1.4.1.0
IBM Scale Out Network Attached Storage 1.3.2.3
IBM Scale Out Network Attached Storage 1.3.2.2
IBM Scale Out Network Attached Storage 1.3.0.5
IBM Scale Out Network Attached Storage 1.3.0.4
IBM Scale Out Network Attached Storage 1.3.0.0
IBM SAN Volume Controller 7.3
IBM SAN Volume Controller 7.2
IBM SAN Volume Controller 7.1
IBM SAN Volume Controller 6.4
IBM SAN Volume Controller 6.3
IBM SAN Volume Controller 6.2
IBM SAN Volume Controller 6.1
IBM Rational Test Workbench 8.5 2
IBM Rational Test Workbench 8.5 1
IBM Rational Test Workbench 8.0.1 4
IBM Rational Test Workbench 8.0.1 3
IBM Rational Test Workbench 8.0.1 2
IBM Rational Test Workbench 8.0.1 1
IBM Rational Test Workbench 8.0.1
IBM Rational Test Workbench 8.0 3
IBM Rational Test Workbench 8.0 2
IBM Rational Test Workbench 8.0 1
IBM Rational Test Workbench 8.5
IBM Rational Test Workbench 8.0
IBM Rational SAP Connector 4.0.0.3
IBM Rational SAP Connector 4.0.0.2
IBM Rational SAP Connector 4.0.0.1
IBM Rational Policy Tester 8.5
IBM Rational Lifecycle Adapter for HP ALM 1.1
IBM Rational Lifecycle Adapter for HP ALM 1.0
IBM Rational DOORS Web Access 9.5.2 1
IBM Rational DOORS Web Access 9.5.2
IBM Rational DOORS Web Access 9.5.1 1
IBM Rational DOORS Web Access 9.5.1
IBM Rational DOORS Web Access 9.5 1
IBM Rational DOORS Web Access 1.5 1
IBM Rational DOORS Web Access 1.4 5
IBM Rational DOORS Web Access 1.4 4
IBM Rational DOORS Web Access 9.6
IBM Rational DOORS Web Access 9.5
IBM Rational DOORS Web Access 1.5
IBM QRadar Security Information and Event Manager 7.2 MR2
IBM QRadar Security Information and Event Manager 7.1 MR2
IBM OpenPages GRC Platform 7.0
IBM OpenPages GRC Platform 6.2.1
IBM OpenPages GRC Platform 6.1.0.1
IBM OpenPages GRC Platform 6.0.1.5
IBM Integration Bus for z/OS 9.0.0.0
IBM Integration Bus 9.0.0.0
IBM Flex System V7000 7.3
IBM Flex System V7000 7.2
IBM Flex System V7000 7.1
IBM Flex System V7000 6.4
IBM Flex System V7000 6.3
IBM Flex System V7000 6.2
IBM Flex System V7000 6.1
IBM FlashSystem 840 9848-AE1
IBM FlashSystem 840 9846-AE1
IBM Cognos TM1 10.2.2
IBM Cognos TM1 10.1.1.2
IBM Cognos Express 9.5
IBM Cognos Express 10.2.1
IBM Cognos Express 10.1
IBM Cognos Business Intelligence Server 10.2.1
IBM Cognos Business Intelligence Server 10.1.1
IBM Cognos Business Intelligence Server 8.4.1
IBM Cognos Business Intelligence Server 10.2
IBM Cognos Business Intelligence Server 10.1
IBM CCR Drop 13.7
IBM CCR Drop 13.5
IBM CCR 5.0
IBM CCR 4.9
IBM ARA 2.5.7 2
IBM ARA 2.5.7 1
IBM ARA 2.5.6
IBM ARA 2.5.5 2
IBM ARA 2.5.5
IBM ARA 2.5.4
IBM ARA 2.5.3
IBM ARA 2.5.2
IBM ARA 2.5.1
IBM ARA 2.5
IBM ARA 2.4.2
IBM ARA 2.4.1
IBM ARA 2.4 1
IBM Algo One 5.0
IBM Algo One 4.9
IBM Algo One 4.8
IBM Algo One 4.7.1
IBM Algo One 4.7
IBM Algo One 4.9.1
IBM Algo Audit and Compliance 2.1.0.2
IBM Algo Audit and Compliance 2.1
HP OpenVMS CSWS_JAVA 7.0.29
Gentoo Linux
Debian Linux 6.0 sparc
Debian Linux 6.0 s/390
Debian Linux 6.0 powerpc
Debian Linux 6.0 mips
Debian Linux 6.0 ia-64
Debian Linux 6.0 ia-32
Debian Linux 6.0 arm
Debian Linux 6.0 amd64
CentOS CentOS 6
Avaya Secure Access Link Gateway 2.1
Avaya Secure Access Link Gateway 1.8
Avaya Secure Access Link Gateway 1.5
Avaya Proactive Contact 5.1
Avaya Proactive Contact 5.0
Avaya Messaging Application Server 5.2.1
Avaya Messaging Application Server 5.0.1
Avaya Messaging Application Server 5.2
Avaya Messaging Application Server 5.0
Avaya Messaging Application Server 5
Avaya Messaging Application Server 4
Avaya Meeting Exchange 5.0 .0.52
Avaya Meeting Exchange 5.2 SP2
Avaya Meeting Exchange 5.2 SP1
Avaya Meeting Exchange 5.2
Avaya Meeting Exchange 5.1 SP1
Avaya Meeting Exchange 5.1
Avaya Meeting Exchange 5.0 SP2
Avaya Meeting Exchange 5.0 SP1
Avaya Meeting Exchange 5.0
Avaya IQ 5.2
Avaya IP Office Server Edition 9.0
Avaya IP Office Server Edition 8.1
Avaya IP Office Application Server 9.0 SP 2
Avaya IP Office Application Server 9.0 SP 1
Avaya IP Office Application Server 9.0
Avaya IP Office Application Server 8.1
Avaya IP Office Application Server 8.0
Avaya Communication Server 1000M Signaling Server 7.6
Avaya Communication Server 1000M Signaling Server 7.5
Avaya Communication Server 1000M Signaling Server 7.0
Avaya Communication Server 1000M Signaling Server 6.0
Avaya Communication Server 1000M 7.6
Avaya Communication Server 1000M 7.5
Avaya Communication Server 1000M 7.0
Avaya Communication Server 1000M 6.0
Avaya Communication Server 1000E Signaling Server 7.6
Avaya Communication Server 1000E Signaling Server 7.5
Avaya Communication Server 1000E Signaling Server 7.0
Avaya Communication Server 1000E Signaling Server 6.0
Avaya Communication Server 1000E 7.6
Avaya Communication Server 1000E 7.5
Avaya Communication Server 1000E 7.0
Avaya Communication Server 1000E 6.0
Avaya Aura Utility Services 6.3
Avaya Aura Utility Services 6.2
Avaya Aura System Platform 6.2.2
Avaya Aura System Platform 6.2.1
Avaya Aura System Platform 6.0.2
Avaya Aura System Platform 6.0.1
Avaya Aura System Platform 6.3
Avaya Aura System Platform 6.2.1.0.9
Avaya Aura System Platform 6.2 SP1
Avaya Aura System Platform 6.2
Avaya Aura System Platform 6.0.3.9.3
Avaya Aura System Platform 6.0.3.8.3
Avaya Aura System Platform 6.0.3.0.3
Avaya Aura System Platform 6.0 SP3
Avaya Aura System Platform 6.0 SP2
Avaya Aura System Platform 6.0
Avaya Aura Presence Services 6.1.2
Avaya Aura Presence Services 6.1.1
Avaya Aura Presence Services 6.2
Avaya Aura Presence Services 6.1 SP2
Avaya Aura Presence Services 6.1 SP1
Avaya Aura Presence Services 6.1
Avaya Aura Presence Services 6.0
Avaya Aura Presence Services 5.2
Avaya Aura Messaging 6.1.1
Avaya Aura Messaging 6.3
Avaya Aura Messaging 6.2 SP4
Avaya Aura Messaging 6.2
Avaya Aura Messaging 6.1
+ Avaya Communication Manager Server DEFINITY Server SI/CS
+ Avaya Communication Manager Server S8100
+ Avaya Communication Manager Server S8300
+ Avaya Communication Manager Server S8500
+ Avaya Communication Manager Server S8700
Avaya Aura Messaging 6.0.1
Avaya Aura Messaging 6.0
Avaya Aura Experience Portal 6.0.2
+ Avaya Communication Manager Server DEFINITY Server SI/CS
+ Avaya Communication Manager Server S8100
+ Avaya Communication Manager Server S8300
+ Avaya Communication Manager Server S8500
+ Avaya Communication Manager Server S8700
Avaya Aura Experience Portal 6.0.1
Avaya Aura Experience Portal 6.0 SP2
+ Avaya Communication Manager Server DEFINITY Server SI/CS
+ Avaya Communication Manager Server S8100
+ Avaya Communication Manager Server S8300
+ Avaya Communication Manager Server S8500
+ Avaya Communication Manager Server S8700
Avaya Aura Experience Portal 6.0 SP1
Avaya Aura Experience Portal 6.0
Avaya Aura Conferencing 7.0
Avaya Aura Conferencing 6.0 SP1 Standard
Avaya Aura Application Server 5300 SIP Core 3.0
Avaya Aura Application Server 5300 SIP Core 2.1
Avaya Aura Application Server 5300 SIP Core 2.0
Avaya Aura Application Enablement Services 5.2.1
Avaya Aura Application Enablement Services 4.2.4
Avaya Aura Application Enablement Services 4.2.3
Avaya Aura Application Enablement Services 4.2.2
Avaya Aura Application Enablement Services 4.2.1
Avaya Aura Application Enablement Services 4.0.1
Avaya Aura Application Enablement Services 3.1.6
Avaya Aura Application Enablement Services 3.1.5
Avaya Aura Application Enablement Services 3.1.4
Avaya Aura Application Enablement Services 3.1.3
Avaya Aura Application Enablement Services 6.3
Avaya Aura Application Enablement Services 6.2
Avaya Aura Application Enablement Services 6.1.2
Avaya Aura Application Enablement Services 6.1.1
Avaya Aura Application Enablement Services 6.1
Avaya Aura Application Enablement Services 6.0
Avaya Aura Application Enablement Services 5.2.4
Avaya Aura Application Enablement Services 5.2.3
Avaya Aura Application Enablement Services 5.2.2
Avaya Aura Application Enablement Services 5.2
Avaya Aura Application Enablement Services 5.0
Avaya Aura Application Enablement Services 4.2
Avaya Aura Application Enablement Services 4.1
Avaya Aura Application Enablement Services 4.0
Avaya Aura Application Enablement Services 3.1
Avaya Aura Application Enablement Services 3.0
Apache Tomcat 7.0.33
Apache Tomcat 7.0.32
Apache Tomcat 7.0.31
Apache Tomcat 7.0.30
Apache Tomcat 7.0.29
Apache Tomcat 7.0.28
Apache Tomcat 7.0.27
Apache Tomcat 7.0.26
Apache Tomcat 7.0.25
Apache Tomcat 7.0.24
Apache Tomcat 7.0.23
Apache Tomcat 7.0.16
Apache Tomcat 7.0.15
Apache Tomcat 7.0.14
Apache Tomcat 7.0.13
Apache Tomcat 7.0.12
Apache Tomcat 7.0.9
Apache Tomcat 7.0.8
Apache Tomcat 7.0.7
Apache Tomcat 7.0.6
Apache Tomcat 7.0.4
Apache Tomcat 7.0.3
Apache Tomcat 7.0.2
Apache Tomcat 7.0.1
Apache Tomcat 7.0 beta
Apache Tomcat 7.0
Apache Tomcat 6.0.37
Apache Tomcat 6.0.36
Apache Tomcat 6.0.35
Apache Tomcat 6.0.29
Apache Tomcat 6.0.28
Apache Tomcat 6.0.27
Apache Tomcat 6.0.26
Apache Tomcat 6.0.25
Apache Tomcat 6.0.24
Apache Tomcat 6.0.20
Apache Tomcat 6.0.18
Apache Tomcat 6.0.17
Apache Tomcat 6.0.16
Apache Tomcat 6.0.15
Apache Tomcat 6.0.14
Apache Tomcat 6.0.13
Apache Tomcat 6.0.12
Apache Tomcat 6.0.11
Apache Tomcat 6.0.10
Apache Tomcat 6.0.9
Apache Tomcat 6.0.8
Apache Tomcat 6.0.7
Apache Tomcat 6.0.6
Apache Tomcat 6.0.5
Apache Tomcat 6.0.4
Apache Tomcat 6.0.3
Apache Tomcat 6.0.2
Apache Tomcat 6.0.1
Apache Tomcat 6.0 alpha
Apache Tomcat 6.0
Apache Tomcat 8.0.0-RC5
Apache Tomcat 8.0.0-RC1
Apache Tomcat 7.0.5
Apache Tomcat 7.0.47
Apache Tomcat 7.0.46
Apache Tomcat 7.0.45
Apache Tomcat 7.0.44
Apache Tomcat 7.0.43
Apache Tomcat 7.0.42
Apache Tomcat 7.0.41
Apache Tomcat 7.0.40
Apache Tomcat 7.0.39
Apache Tomcat 7.0.38
Apache Tomcat 7.0.37
Apache Tomcat 7.0.36
Apache Tomcat 7.0.35
Apache Tomcat 7.0.34
Apache Tomcat 7.0.22
Apache Tomcat 7.0.21
Apache Tomcat 7.0.20
Apache Tomcat 7.0.2 Beta
Apache Tomcat 7.0.19
Apache Tomcat 7.0.18
Apache Tomcat 7.0.17
Apache Tomcat 7.0.11
Apache Tomcat 7.0.10
Apache Tomcat 7.0
Apache Tomcat 6.0.8 Alpha
Apache Tomcat 6.0.7 Beta
Apache Tomcat 6.0.7 Alpha
Apache Tomcat 6.0.6 Alpha
Apache Tomcat 6.0.4 Alpha
Apache Tomcat 6.0.33
Apache Tomcat 6.0.32
Apache Tomcat 6.0.31
Apache Tomcat 6.0.30
Apache Tomcat 6.0.2 Beta
Apache Tomcat 6.0.2 Alpha
Apache Tomcat 6.0.19
Apache Tomcat 6.0.1 Alpha

Not Vulnerable:
VMware vCenter Server 5.5 Update 2
Juniper Security Threat Response Manager 2013.2R8
Juniper Secure Analytics 2014.2R3
Juniper Secure Analytics 2014.2R2
Juniper Secure Analytics 2013.2R8
IBM UrbanCode Release 6.0.1.4
IBM Tivoli Application Dependency Discovery Manager 7.2.2.1
IBM Tivoli Application Dependency Discovery Manager 7.2.1.6
IBM Tivoli Application Dependency Discovery Manager 7.2.0.10
IBM Storwize V7000 Unified 1.4.3 3
IBM Storwize V7000 7.3.0.5
IBM Storwize V7000 7.2.0.8
IBM Storwize V5000 7.3.0.5
IBM Storwize V5000 7.2.0.8
IBM Storwize V3700 7.3.0.5
IBM Storwize V3700 7.2.0.8
IBM Storwize V3500 7.3.0.5
IBM Storwize V3500 7.2.0.8
IBM SAN Volume Controller 7.3.0.5
IBM SAN Volume Controller 7.2.0.8
IBM Rational SAP Connector 4.0.0.4
IBM OpenPages GRC Platform 6.1.0.1.4
IBM Flex System V7000 7.3.0.5
IBM Flex System V7000 7.2.0.8
Apache Tomcat 7.0.50
Apache Tomcat 8.0.0-RC10
Apache Tomcat 6.0.39