Oval Definition:oval:org.mitre.oval:def:26848
Revision Date:2014-12-15Version:19
Title:HP-UX Apache Server Suite running Apache Tomcat or PHP, Remote Denial of Service (DoS) and Other Vulnerabilities
Description:Apache Tomcat before 6.0.39, 7.x before 7.0.47, and 8.x before 8.0.0-RC3, when an HTTP connector or AJP connector is used, does not properly handle certain inconsistent HTTP request headers, which allows remote attackers to trigger incorrect identification of a request's length and conduct request-smuggling attacks via (1) multiple Content-Length headers or (2) a Content-Length header and a "Transfer-Encoding: chunked" header. NOTE: this vulnerability exists because of an incomplete fix for CVE-2005-2090.
Family:unixClass:vulnerability
Status:ACCEPTEDReference(s):CVE-2013-4286
Platform(s):HP-UX 11
Product(s):
Definition Synopsis
  • HP-UX B.11.23
  • AND filesets test
  • hpuxws22APCH32.APACHE version is less than B.2.2.15.21
  • OR hpuxws22APCH32.APACHE2 version is less than B.2.2.15.21
  • OR hpuxws22APCH32.AUTH_LDAP version is less than B.2.2.15.21
  • OR hpuxws22APCH32.AUTH_LDAP2 version is less than B.2.2.15.21
  • OR hpuxws22APCH32.MOD_JK version is less than B.2.2.15.21
  • OR hpuxws22APCH32.MOD_JK2 version is less than B.2.2.15.21
  • OR hpuxws22APCH32.MOD_PERL version is less than B.2.2.15.21
  • OR hpuxws22APCH32.MOD_PERL2 version is less than B.2.2.15.21
  • OR hpuxws22APCH32.PHP version is less than B.2.2.15.21
  • OR hpuxws22APCH32.PHP2 version is less than B.2.2.15.21
  • OR hpuxws22APCH32.WEBPROXY version is less than B.2.2.15.21
  • OR hpuxws22APCH32.WEBPROXY2 version is less than B.2.2.15.21
  • OR hpuxws22APACHE.APACHE version is less than B.2.2.15.21
  • OR hpuxws22APACHE.APACHE2 version is less than B.2.2.15.21
  • OR hpuxws22APACHE.AUTH_LDAP version is less than B.2.2.15.21
  • OR hpuxws22APACHE.AUTH_LDAP2 version is less than B.2.2.15.21
  • OR hpuxws22APACHE.MOD_JK version is less than B.2.2.15.21
  • OR hpuxws22APACHE.MOD_JK2 version is less than B.2.2.15.21
  • OR hpuxws22APACHE.MOD_PERL version is less than B.2.2.15.21
  • OR hpuxws22APACHE.MOD_PERL2 version is less than B.2.2.15.21
  • OR hpuxws22APACHE.PHP version is less than B.2.2.15.21
  • OR hpuxws22APACHE.PHP2 version is less than B.2.2.15.21
  • OR hpuxws22APACHE.WEBPROXY version is less than B.2.2.15.21
  • OR hpuxws22APACHE.WEBPROXY2 version is less than B.2.2.15.21
  • OR hpuxws22TOMCAT.TOMCAT version is less than B.2.2.15.21
  • BACK