Signature Detail

HTTP: POST Submission Missing Data

This signature detects a POST submission that does not include the POST data in the first packet payload. This may be an indication of a Denial of Service (DoS) using the 'Slowloris' technique. It also may be a non-malicious submission with a low MTU.

Extended Description

Apache Tomcat 6.x before 6.0.37 and 7.x before 7.0.30 does not properly handle chunk extensions in chunked transfer coding, which allows remote attackers to cause a denial of service by streaming data.

Affected Products

• Apache tomcat 6.0
• Apache tomcat 6.0.0
• Apache tomcat 6.0.1
• Apache tomcat 6.0.10
• Apache tomcat 6.0.11
• Apache tomcat 6.0.12
• Apache tomcat 6.0.13
• Apache tomcat 6.0.14
• Apache tomcat 6.0.15
• Apache tomcat 6.0.16
• Apache tomcat 6.0.17
• Apache tomcat 6.0.18
• Apache tomcat 6.0.19
• Apache tomcat 6.0.2
• Apache tomcat 6.0.20
• Apache tomcat 6.0.24
• Apache tomcat 6.0.26
• Apache tomcat 6.0.27
• Apache tomcat 6.0.28
• Apache tomcat 6.0.29
• Apache tomcat 6.0.3
• Apache tomcat 6.0.30
• Apache tomcat 6.0.31
• Apache tomcat 6.0.32
• Apache tomcat 6.0.33
• Apache tomcat 6.0.35
• Apache tomcat 6.0.36
• Apache tomcat 6.0.4
• Apache tomcat 6.0.5
• Apache tomcat 6.0.6
• Apache tomcat 6.0.7
• Apache tomcat 6.0.8
• Apache tomcat 6.0.9
• Apache tomcat 7.0.0
• Apache tomcat 7.0.1
• Apache tomcat 7.0.10
• Apache tomcat 7.0.11
• Apache tomcat 7.0.12
• Apache tomcat 7.0.13
• Apache tomcat 7.0.14
• Apache tomcat 7.0.15
• Apache tomcat 7.0.16
• Apache tomcat 7.0.17
• Apache tomcat 7.0.18
• Apache tomcat 7.0.19
• Apache tomcat 7.0.2
• Apache tomcat 7.0.20
• Apache tomcat 7.0.21
• Apache tomcat 7.0.22
• Apache tomcat 7.0.23
• Apache tomcat 7.0.25
• Apache tomcat 7.0.28
• Apache tomcat 7.0.3
• Apache tomcat 7.0.4
• Apache tomcat 7.0.5
• Apache tomcat 7.0.6
• Apache tomcat 7.0.7
• Apache tomcat 7.0.8
• Apache tomcat 7.0.9

References

• BugTraq: 67671
• BugTraq: 104457
• BugTraq: 66552
• CVE: CVE-2013-5705
• CVE: CVE-2014-0075
• CVE: CVE-2018-12228
• CVE: CVE-2012-3544