Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [day] [month] [year] [list] 
Date: Tue, 10 Oct 2023 15:41:32 -0300
From: Mark Thomas <markt@...che.org>
To: oss-security@...ts.openwall.com
Subject: CVE-2023-45648: Apache Tomcat: Trailer header parsing too lenient

Severity: important

Affected versions:

- Apache Tomcat 11.0.0-M1 through 11.0.0-M11
- Apache Tomcat 10.1.0-M1 through 10.1.13
- Apache Tomcat 9.0.0-M1 through 9.0.81
- Apache Tomcat 8.5.0 through 8.5.93

Description:

Improper Input Validation vulnerability in Apache Tomcat.Tomcat from 
11.0.0-M1 through 11.0.0-M11, from 10.1.0-M1 through 10.1.13, from 
9.0.0-M1 through 9.0.81 and from 8.5.0 through 8.5.93 did not correctly 
parse HTTP trailer headers. A specially
crafted, invalid trailer header could cause Tomcat to treat a single
request as multiple requests leading to the possibility of request
smuggling when behind a reverse proxy.

Users are recommended to upgrade to version 11.0.0-M12 onwards, 10.1.14 
onwards, 9.0.81 onwards or 8.5.94 onwards, which fix the issue.

Credit:

Keran Mu and Jianjun Chen from Tsinghua University and Zhongguancun 
Laboratory (finder)

References:

https://lists.apache.org/thread/2pv8yz1pyp088tsxfb7ogltk9msk0jdp
https://tomcat.apache.org/
https://www.cve.org/CVERecord?id=CVE-2023-45648

Powered by blists - more mailing lists

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.