Juniper Networks
Solutions
Products & Services
Company
Partners
Support
Education

Signature Detail

Security Intelligence Center
Signatures
Print

Short Name

 HTTP:REQERR:POST-MISSING-DATA

Severity

 Medium

Recommended

 Yes

Category

 HTTP

Keywords

 POST Submission Missing Data

Release Date

 2013/01/30

Update Number

 2229

Supported Platforms

 idp-4.0+, isg-3.0+, j-series-9.5+, mx-9.4+, srx-9.2+, srx-branch-9.4+, vsrx-12.1+

HTTP: POST Submission Missing Data


This signature detects a POST submission that does not include the POST data in the first packet payload. This may be an indication of a Denial of Service (DoS) using the 'Slowloris' technique. It also may be a non-malicious submission with a low MTU.

Extended Description

Apache Tomcat 6.x before 6.0.37 and 7.x before 7.0.30 does not properly handle chunk extensions in chunked transfer coding, which allows remote attackers to cause a denial of service by streaming data.

Affected Products

  • apache tomcat 6.0
  • apache tomcat 6.0.0 (alpha)
  • apache tomcat 6.0.10
  • apache tomcat 6.0.11
  • apache tomcat 6.0.12
  • apache tomcat 6.0.13
  • apache tomcat 6.0.14
  • apache tomcat 6.0.15
  • apache tomcat 6.0.16
  • apache tomcat 6.0.17
  • apache tomcat 6.0.18
  • apache tomcat 6.0.19
  • apache tomcat 6.0.1 (alpha)
  • apache tomcat 6.0.20
  • apache tomcat 6.0.24
  • apache tomcat 6.0.26
  • apache tomcat 6.0.27
  • apache tomcat 6.0.28
  • apache tomcat 6.0.29
  • apache tomcat 6.0.2 (alpha)
  • apache tomcat 6.0.2 (beta)
  • apache tomcat 6.0.3
  • apache tomcat 6.0.30
  • apache tomcat 6.0.31
  • apache tomcat 6.0.32
  • apache tomcat 6.0.33
  • apache tomcat 6.0.35
  • apache tomcat 6.0.36
  • apache tomcat 6.0.4 (alpha)
  • apache tomcat 6.0.5
  • apache tomcat 6.0.6 (alpha)
  • apache tomcat 6.0.7 (alpha)
  • apache tomcat 6.0.7 (beta)
  • apache tomcat 6.0.8 (alpha)
  • apache tomcat 6.0.9 (beta)
  • apache tomcat 7.0.0 (beta)
  • apache tomcat 7.0.1
  • apache tomcat 7.0.10
  • apache tomcat 7.0.11
  • apache tomcat 7.0.12
  • apache tomcat 7.0.13
  • apache tomcat 7.0.14
  • apache tomcat 7.0.15
  • apache tomcat 7.0.16
  • apache tomcat 7.0.17
  • apache tomcat 7.0.18
  • apache tomcat 7.0.19
  • apache tomcat 7.0.20
  • apache tomcat 7.0.21
  • apache tomcat 7.0.22
  • apache tomcat 7.0.23
  • apache tomcat 7.0.25
  • apache tomcat 7.0.28
  • apache tomcat 7.0.2 (beta)
  • apache tomcat 7.0.3
  • apache tomcat 7.0.4 (beta)
  • apache tomcat 7.0.5
  • apache tomcat 7.0.6
  • apache tomcat 7.0.7
  • apache tomcat 7.0.8
  • apache tomcat 7.0.9

References

  • BugTraq: 66552
  • BugTraq: 67671
  • CVE: CVE-2013-5705
  • CVE: CVE-2014-0075
  • CVE: CVE-2012-3544

Site Map
RSS Feeds
Careers
Accessibility
Feedback
Privacy Policy
Legal Notices
Copyright © 1999-2010 Juniper Networks, Inc. All rights reserved.
Help
|
My Account
|
Log Out