JVN/CVE Demo: Cveinfos

CVE

Id: 44811
CVE No.: CVE-2010-2227
Status: Candidate
Description: Apache Tomcat 5.5.0 through 5.5.29, 6.0.0 through 6.0.27, and 7.0.0 beta does not properly handle an invalid Transfer-Encoding header, which allows remote attackers to cause a denial of service (application outage) or obtain sensitive information via a crafted header that interferes with "recycling of a buffer."
Phase: Assigned (20100609)
Votes: None (candidate not yet proposed)
Comments

Actions

Related CVE References

Id	CVE Id	CVE No.	Reference	Actions
489433	44811	CVE-2010-2227	BUGTRAQ:20100709 [SECURITY] CVE-2010-2227: Apache Tomcat Remote Denial Of Service and Information Disclosure Vulnerability	View
489434	44811	CVE-2010-2227	URL:http://www.securityfocus.com/archive/1/archive/1/512272/100/0/threaded	View
489435	44811	CVE-2010-2227	BUGTRAQ:20110211 VMSA-2011-0003 Third party component updates for VMware vCenter Server, vCenter Update Manager, ESXi and ESX	View
489436	44811	CVE-2010-2227	URL:http://www.securityfocus.com/archive/1/archive/1/516397/100/0/threaded	View
489437	44811	CVE-2010-2227	CONFIRM:http://svn.apache.org/viewvc?view=revision&revision=958911	View
489438	44811	CVE-2010-2227	CONFIRM:http://svn.apache.org/viewvc?view=revision&revision=958977	View
489439	44811	CVE-2010-2227	CONFIRM:http://svn.apache.org/viewvc?view=revision&revision=959428	View
489440	44811	CVE-2010-2227	CONFIRM:http://tomcat.apache.org/security-5.html	View
489441	44811	CVE-2010-2227	CONFIRM:http://tomcat.apache.org/security-6.html	View
489442	44811	CVE-2010-2227	CONFIRM:http://tomcat.apache.org/security-7.html	View
489443	44811	CVE-2010-2227	CONFIRM:http://geronimo.apache.org/21x-security-report.html	View
489444	44811	CVE-2010-2227	CONFIRM:http://geronimo.apache.org/22x-security-report.html	View
489445	44811	CVE-2010-2227	CONFIRM:http://www.novell.com/support/viewContent.do?externalId=7007274	View
489446	44811	CVE-2010-2227	CONFIRM:http://www.novell.com/support/viewContent.do?externalId=7007275	View
489447	44811	CVE-2010-2227	CONFIRM:http://www.vmware.com/security/advisories/VMSA-2011-0003.html	View
489448	44811	CVE-2010-2227	CONFIRM:http://www.vmware.com/support/vsphere4/doc/vsp_vc41_u1_rel_notes.html	View
489449	44811	CVE-2010-2227	CONFIRM:http://support.apple.com/kb/HT5002	View
489450	44811	CVE-2010-2227	APPLE:APPLE-SA-2011-10-12-3	View
489451	44811	CVE-2010-2227	URL:http://lists.apple.com/archives/Security-announce/2011//Oct/msg00003.html	View
489452	44811	CVE-2010-2227	DEBIAN:DSA-2207	View
489453	44811	CVE-2010-2227	URL:http://www.debian.org/security/2011/dsa-2207	View
489454	44811	CVE-2010-2227	FEDORA:FEDORA-2010-16248	View
489455	44811	CVE-2010-2227	URL:http://lists.fedoraproject.org/pipermail/package-announce/2010-November/050207.html	View
489456	44811	CVE-2010-2227	FEDORA:FEDORA-2010-16270	View
489457	44811	CVE-2010-2227	URL:http://lists.fedoraproject.org/pipermail/package-announce/2010-November/050214.html	View
489458	44811	CVE-2010-2227	HP:HPSBUX02579	View
489459	44811	CVE-2010-2227	URL:http://marc.info/?l=bugtraq&m=129070310906557&w=2	View
489460	44811	CVE-2010-2227	HP:SSRT100203	View
489461	44811	CVE-2010-2227	URL:http://marc.info/?l=bugtraq&m=129070310906557&w=2	View
489462	44811	CVE-2010-2227	HP:HPSBUX02860	View
489463	44811	CVE-2010-2227	URL:http://marc.info/?l=bugtraq&m=136485229118404&w=2	View
489464	44811	CVE-2010-2227	HP:SSRT101146	View
489465	44811	CVE-2010-2227	URL:http://marc.info/?l=bugtraq&m=136485229118404&w=2	View
489466	44811	CVE-2010-2227	HP:HPSBST02955	View
489467	44811	CVE-2010-2227	URL:http://marc.info/?l=bugtraq&m=139344343412337&w=2	View
489468	44811	CVE-2010-2227	MANDRIVA:MDVSA-2010:176	View
489469	44811	CVE-2010-2227	URL:http://www.mandriva.com/security/advisories?name=MDVSA-2010:176	View
489470	44811	CVE-2010-2227	MANDRIVA:MDVSA-2010:177	View
489471	44811	CVE-2010-2227	URL:http://www.mandriva.com/security/advisories?name=MDVSA-2010:177	View
489472	44811	CVE-2010-2227	REDHAT:RHSA-2010:0580	View
489473	44811	CVE-2010-2227	URL:http://www.redhat.com/support/errata/RHSA-2010-0580.html	View
489474	44811	CVE-2010-2227	REDHAT:RHSA-2010:0583	View
489475	44811	CVE-2010-2227	URL:http://www.redhat.com/support/errata/RHSA-2010-0583.html	View
489476	44811	CVE-2010-2227	REDHAT:RHSA-2010:0581	View
489477	44811	CVE-2010-2227	URL:http://www.redhat.com/support/errata/RHSA-2010-0581.html	View
489478	44811	CVE-2010-2227	REDHAT:RHSA-2010:0582	View
489479	44811	CVE-2010-2227	URL:http://www.redhat.com/support/errata/RHSA-2010-0582.html	View
489480	44811	CVE-2010-2227	SUSE:SUSE-SR:2010:017	View
489481	44811	CVE-2010-2227	URL:http://lists.opensuse.org/opensuse-security-announce/2010-09/msg00006.html	View
489482	44811	CVE-2010-2227	BID:41544	View
489483	44811	CVE-2010-2227	URL:http://www.securityfocus.com/bid/41544	View
489484	44811	CVE-2010-2227	OVAL:oval:org.mitre.oval:def:18532	View
489485	44811	CVE-2010-2227	URL:http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:18532	View
489486	44811	CVE-2010-2227	SECTRACK:1024180	View
489487	44811	CVE-2010-2227	URL:http://securitytracker.com/id?1024180	View
489488	44811	CVE-2010-2227	SECUNIA:40813	View
489489	44811	CVE-2010-2227	URL:http://secunia.com/advisories/40813	View
489490	44811	CVE-2010-2227	SECUNIA:41025	View
489491	44811	CVE-2010-2227	URL:http://secunia.com/advisories/41025	View
489492	44811	CVE-2010-2227	SECUNIA:42079	View
489493	44811	CVE-2010-2227	URL:http://secunia.com/advisories/42079	View
489494	44811	CVE-2010-2227	SECUNIA:42368	View
489495	44811	CVE-2010-2227	URL:http://secunia.com/advisories/42368	View
489496	44811	CVE-2010-2227	SECUNIA:42454	View
489497	44811	CVE-2010-2227	URL:http://secunia.com/advisories/42454	View
489498	44811	CVE-2010-2227	SECUNIA:43310	View
489499	44811	CVE-2010-2227	URL:http://secunia.com/advisories/43310	View
489500	44811	CVE-2010-2227	SECUNIA:44183	View
489501	44811	CVE-2010-2227	URL:http://secunia.com/advisories/44183	View
489502	44811	CVE-2010-2227	SECUNIA:57126	View
489503	44811	CVE-2010-2227	URL:http://secunia.com/advisories/57126	View
489504	44811	CVE-2010-2227	VUPEN:ADV-2010-1986	View
489505	44811	CVE-2010-2227	URL:http://www.vupen.com/english/advisories/2010/1986	View
489506	44811	CVE-2010-2227	VUPEN:ADV-2010-2868	View
489507	44811	CVE-2010-2227	URL:http://www.vupen.com/english/advisories/2010/2868	View
489508	44811	CVE-2010-2227	VUPEN:ADV-2010-3056	View
489509	44811	CVE-2010-2227	URL:http://www.vupen.com/english/advisories/2010/3056	View
489510	44811	CVE-2010-2227	XF:tomcat-transferencoding-dos(60264)	View

Related JVN

Id	JVN No.	Title	Summary	CVE No.	CVE Id	CVSS_v2	CVSS_v3	JVN URL	Actions
39077	JVNDB-2010-004862	Moodle の report/overview/report.php におけるクロスサイトリクエストフォージェリの脆弱性	Moodle の quiz モジュールの report/overview/report.php には、クロスサイトリクエストフォージェリの脆弱性が存在します。	CVE-2010-2231	44811	6.8		http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-004862.html	View

Message	Memory use
Component initialization	1.39 MB
Controller action start	1.49 MB
Controller render start	2.38 MB
View render complete	2.92 MB

Message	Time in ms	Graph
Core Processing (Derived from $_SERVER["REQUEST_TIME"])	3.57
Event: Controller.initialize	0.03
Event: Controller.startup	0.10
Controller action	589.39
Event: Controller.beforeRender	5.18
» Processing toolbar data	5.08
Rendering View	39.25
» Event: View.beforeRender	0.02
» Rendering APP/View/Cveinfos/view.ctp	38.11
» Event: View.afterRender	0.02
» Event: View.beforeLayout	0.02
» Rendering APP/View/Layouts/default.ctp	0.62
» » Rendering CORE/Cake/View/Elements/sql_dump.ctp	0.10
Event: View.afterLayout	0.00

Constant	Value
APP	/virtual/inogo77/public_html/jvn/app/
APP_DIR	app
APPLIBS	/virtual/inogo77/public_html/jvn/app/Lib/
CACHE	/virtual/inogo77/public_html/jvn/app/tmp/cache/
CAKE	/virtual/inogo77/public_html/jvn/lib/Cake/
CAKE_CORE_INCLUDE_PATH	/virtual/inogo77/public_html/jvn/lib
CORE_PATH	/virtual/inogo77/public_html/jvn/lib/
CAKE_VERSION	2.6.0
CSS	/virtual/inogo77/public_html/jvn/app/webroot/css/
CSS_URL	css/
DS	/
FULL_BASE_URL	http://inogo77.s500.xrea.com
IMAGES	/virtual/inogo77/public_html/jvn/app/webroot/img/
IMAGES_URL	img/
JS	/virtual/inogo77/public_html/jvn/app/webroot/js/
JS_URL	js/
LOGS	/virtual/inogo77/public_html/jvn/app/tmp/logs/
ROOT	/virtual/inogo77/public_html/jvn
TESTS	/virtual/inogo77/public_html/jvn/app/Test/
TMP	/virtual/inogo77/public_html/jvn/app/tmp/
VENDORS	/virtual/inogo77/public_html/jvn/vendors/
WEBROOT_DIR	webroot
WWW_ROOT	/virtual/inogo77/public_html/jvn/app/webroot/

Environment Variable	Value
Php Version	5.6.40
Phprc	php56.ini
Php Fcgi Children	1
Pwd	/virtual/inogo77/public_html/.fast-cgi-bin
Php Fcgi Max Requests	10000
Shlvl	0
Path	/usr/local/bin:/usr/bin:/bin
Script Name	/jvn/app/webroot/index.php
Request Uri	/jvn/cveinfos/view/44811
Query String
Request Method	GET
Server Protocol	HTTP/1.1
Gateway Interface	CGI/1.1
Redirect Url	/jvn/app/webroot/cveinfos/view/44811
Remote Port	1591
Script Filename	/virtual/inogo77/public_html/jvn/app/webroot/index.php
Server Admin	[no address given]
Context Document Root	/virtual/inogo77/public_html
Context Prefix
Request Scheme	http
Document Root	/virtual/inogo77/public_html
Remote Addr	216.73.216.118
Server Port	80
Server Addr	160.251.151.205
Server Name	inogo77.s500.xrea.com
Server Software	Apache
Server Signature
Http Connection	close
Http Cache Control	max-age=259200
Http X Forwarded For	10.2.69.205
Http Via	1.1 squid-proxy-5b5d847c96-kvcjn (squid/6.13)
Http Host	inogo77.s500.xrea.com
Http Accept Encoding	gzip, br, zstd, deflate
Http User Agent	Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; +claudebot@anthropic.com)
Http Accept	/
Gem Home	/usr/local/rvm/gems/ruby-2.3.0
Suspectharddos	1
Suspectdos	1
X Dostranslated Ip	216.73.216.118
Mm Country Code	US
Mmdb Info	result found
Mmdb Addr	216.73.216.118
Unique Id	aSuI-1bJYmVR1LhHMHBTpgAAASU
Redirect Status	200
Redirect Gem Home	/usr/local/rvm/gems/ruby-2.3.0
Redirect Suspectharddos	1
Redirect Suspectdos	1
Redirect X Dostranslated Ip	216.73.216.118
Redirect Mm Country Code	US
Redirect Mmdb Info	result found
Redirect Mmdb Addr	216.73.216.118
Redirect Unique Id	aSuI-1bJYmVR1LhHMHBTpgAAASU
Redirect Redirect Status	200
Redirect Redirect Gem Home	/usr/local/rvm/gems/ruby-2.3.0
Redirect Redirect Suspectharddos	1
Redirect Redirect Suspectdos	1
Redirect Redirect X Dostranslated Ip	216.73.216.118
Redirect Redirect Mm Country Code	US
Redirect Redirect Mmdb Info	result found
Redirect Redirect Mmdb Addr	216.73.216.118
Redirect Redirect Unique Id	aSuI-1bJYmVR1LhHMHBTpgAAASU
Fcgi Role	RESPONDER
Php Self	/jvn/app/webroot/index.php
Request Time Float	1764460795.7641
Request Time	1764460795

CVE

Actions

Related CVE References

Related JVN

Request History

Session

Request

Cake Params

Post data

Query string

Cookie

Current Route

Sql Logs

default

Memory

Timers

Logs

View Variables

App Constants

CakePHP Constants

PHP Environment

Included Files

Include Paths

Included Files