gonuldas / gwtupload

Automatically exported from code.google.com/p/gwtupload
Other
0 stars 0 forks source link

Apache Upload Exploit #190

Closed GoogleCodeExporter closed 8 years ago

GoogleCodeExporter commented 8 years ago
What steps will reproduce the problem?
1.See exploit details 
http://blog.spiderlabs.com/2014/02/cve-2014-0050-exploit-with-boundaries-loops-w
ithout-boundaries.html

What is the expected output? What do you see instead?
Exploit pegs CPU @100% in infinite loop.

What version of the product are you using? On what operating system?
Affects Tomcat 7 and Tomcat 8. Must update upload library to 1.3.1.

Please provide any additional information below.

Original issue reported on code.google.com by lifeofl...@gmail.com on 24 Feb 2014 at 10:32

GoogleCodeExporter commented 8 years ago
[deleted comment]
GoogleCodeExporter commented 8 years ago
Library is currently using Common File Upload 1.2.1

Original comment by lifeofl...@gmail.com on 24 Feb 2014 at 10:34

GoogleCodeExporter commented 8 years ago

Original comment by manuel.carrasco.m on 6 Mar 2014 at 5:02

GoogleCodeExporter commented 8 years ago
This issue was closed by revision 5741a197ca47.

Original comment by manuel.carrasco.m on 2 Apr 2014 at 8:18

GoogleCodeExporter commented 8 years ago

Original comment by manuel.carrasco.m on 28 Apr 2014 at 6:27