Details of VAR-201708-0218

ID

VAR-201708-0218

CVE

CVE-2016-6817

TITLE

Apache Tomcat Updates for multiple vulnerabilities

Trust: 0.8

sources: JVNDB: JVNDB-2016-007656

DESCRIPTION

The HTTP/2 header parser in Apache Tomcat 9.0.0.M1 to 9.0.0.M11 and 8.5.0 to 8.5.6 entered an infinite loop if a header was received that was larger than the available buffer. This made a denial of service attack possible. The Apache Software Foundation From Apache Tomcat Updates for the following multiple vulnerabilities have been released: * * HTTP Response falsification (CVE-2016-6816) * * Service operation interruption (DoS) (CVE-2016-6817) * * Arbitrary code execution (CVE-2016-8735)Expected impact varies depending on each vulnerability, but information leakage, service operation interruption (DoS) May be affected by arbitrary code execution. Apache Tomcat is prone to a denial-of-service vulnerability. Attackers may leverage this issue to cause denial-of-service conditions. The following versions are affected: Apache Tomcat 9.0.0.M1 through 9.0.0.M11 Apache Tomcat 8.5.0 through 8.5.6

Trust: 1.98

sources: NVD: CVE-2016-6817 // JVNDB: JVNDB-2016-007656 // BID: 94462 // VULMON: CVE-2016-6817

AFFECTED PRODUCTS

vendor:	apache	model:	tomcat	scope:	eq	version:	9.0.0	Trust: 1.6
vendor:	apache	model:	tomcat	scope:	eq	version:	8.5.6	Trust: 1.3
vendor:	apache	model:	tomcat	scope:	eq	version:	8.5.5	Trust: 1.3
vendor:	apache	model:	tomcat	scope:	eq	version:	8.5.4	Trust: 1.3
vendor:	apache	model:	tomcat	scope:	eq	version:	8.5.3	Trust: 1.3
vendor:	apache	model:	tomcat	scope:	eq	version:	8.5.2	Trust: 1.3
vendor:	apache	model:	tomcat	scope:	eq	version:	8.5.0	Trust: 1.3
vendor:	apache	model:	tomcat	scope:	eq	version:	8.5.1	Trust: 1.0
vendor:	apache	model:	tomcat	scope:	lte	version:	6.0.0 from 6.0.47	Trust: 0.8
vendor:	apache	model:	tomcat	scope:	lte	version:	7.0.0 from 7.0.72	Trust: 0.8
vendor:	apache	model:	tomcat	scope:	lte	version:	8.0.0.rc1 from 8.0.38	Trust: 0.8
vendor:	apache	model:	tomcat	scope:	lte	version:	8.5.0 from 8.5.6	Trust: 0.8
vendor:	apache	model:	tomcat	scope:	lte	version:	9.0.0.m1 from 9.0.0.m11	Trust: 0.8
vendor:	nec	model:	mailshooter	scope:	eq	version:	-	Trust: 0.8
vendor:	nec	model:	simpwright	scope:	eq	version:	v6	Trust: 0.8
vendor:	nec	model:	simpwright	scope:	eq	version:	v7	Trust: 0.8
vendor:	nec	model:	spoolserver series	scope:	eq	version:	reportfiling ver5.2 to 6.2	Trust: 0.8
vendor:	hitachi	model:	cosminexus application server enterprise	scope:	eq	version:	version 6	Trust: 0.8
vendor:	hitachi	model:	cosminexus application server standard	scope:	eq	version:	version 6	Trust: 0.8
vendor:	hitachi	model:	cosminexus application server version 5	scope:	-	version:	-	Trust: 0.8
vendor:	hitachi	model:	cosminexus component container	scope:	-	version:	-	Trust: 0.8
vendor:	hitachi	model:	cosminexus developer light version 6	scope:	-	version:	-	Trust: 0.8
vendor:	hitachi	model:	cosminexus developer professional version 6	scope:	-	version:	-	Trust: 0.8
vendor:	hitachi	model:	cosminexus developer standard version 6	scope:	-	version:	-	Trust: 0.8
vendor:	hitachi	model:	cosminexus developer version 5	scope:	-	version:	-	Trust: 0.8
vendor:	hitachi	model:	cosminexus primary server	scope:	eq	version:	base version 5	Trust: 0.8
vendor:	hitachi	model:	cosminexus primary server	scope:	eq	version:	base version 6	Trust: 0.8
vendor:	hitachi	model:	cosminexus primary server	scope:	eq	version:	version 6	Trust: 0.8
vendor:	hitachi	model:	cosminexus studio	scope:	eq	version:	light version	Trust: 0.8
vendor:	hitachi	model:	embedded cosminexus server	scope:	eq	version:	version 5	Trust: 0.8
vendor:	hitachi	model:	jp1/cm2/network node manager	scope:	-	version:	-	Trust: 0.8
vendor:	hitachi	model:	jp1/network node manager	scope:	-	version:	-	Trust: 0.8
vendor:	hitachi	model:	ucosminexus application server	scope:	eq	version:	none	Trust: 0.8
vendor:	hitachi	model:	ucosminexus application server	scope:	eq	version:	(64)	Trust: 0.8
vendor:	hitachi	model:	ucosminexus application server	scope:	eq	version:	-r	Trust: 0.8
vendor:	hitachi	model:	ucosminexus application server	scope:	eq	version:	express	Trust: 0.8
vendor:	hitachi	model:	ucosminexus application server	scope:	eq	version:	light	Trust: 0.8
vendor:	hitachi	model:	ucosminexus application server	scope:	eq	version:	standard-r	Trust: 0.8
vendor:	hitachi	model:	ucosminexus application server enterprise	scope:	-	version:	-	Trust: 0.8
vendor:	hitachi	model:	ucosminexus application server smart edition	scope:	-	version:	-	Trust: 0.8
vendor:	hitachi	model:	ucosminexus application server standard	scope:	-	version:	-	Trust: 0.8
vendor:	hitachi	model:	ucosminexus developer	scope:	eq	version:	none	Trust: 0.8
vendor:	hitachi	model:	ucosminexus developer	scope:	eq	version:	01	Trust: 0.8
vendor:	hitachi	model:	ucosminexus developer	scope:	eq	version:	professional	Trust: 0.8
vendor:	hitachi	model:	ucosminexus developer	scope:	eq	version:	professional for atm	Trust: 0.8
vendor:	hitachi	model:	ucosminexus developer	scope:	eq	version:	professional for plug-in	Trust: 0.8
vendor:	hitachi	model:	ucosminexus developer light	scope:	-	version:	-	Trust: 0.8
vendor:	hitachi	model:	ucosminexus developer standard	scope:	-	version:	-	Trust: 0.8
vendor:	hitachi	model:	ucosminexus primary server	scope:	eq	version:	base	Trust: 0.8
vendor:	hitachi	model:	ucosminexus primary server	scope:	eq	version:	base(64)	Trust: 0.8
vendor:	hitachi	model:	ucosminexus service architect	scope:	-	version:	-	Trust: 0.8
vendor:	hitachi	model:	ucosminexus service platform	scope:	eq	version:	none	Trust: 0.8
vendor:	hitachi	model:	ucosminexus service platform	scope:	eq	version:	(64)	Trust: 0.8
vendor:	hitachi	model:	ucosminexus service platform	scope:	eq	version:	- messaging	Trust: 0.8
vendor:	hitachi	model:	programming environment for java	scope:	-	version:	-	Trust: 0.8
vendor:	oracle	model:	solaris	scope:	eq	version:	11.3	Trust: 0.3
vendor:	oracle	model:	solaris	scope:	eq	version:	10	Trust: 0.3
vendor:	oracle	model:	secure global desktop	scope:	eq	version:	5.3	Trust: 0.3
vendor:	oracle	model:	secure global desktop	scope:	eq	version:	5.2	Trust: 0.3
vendor:	oracle	model:	secure global desktop	scope:	eq	version:	4.71	Trust: 0.3
vendor:	apache	model:	tomcat 9.0.0m8	scope:	-	version:	-	Trust: 0.3
vendor:	apache	model:	tomcat 9.0.0m6	scope:	-	version:	-	Trust: 0.3
vendor:	apache	model:	tomcat 9.0.0.m9	scope:	-	version:	-	Trust: 0.3
vendor:	apache	model:	tomcat 9.0.0.m7	scope:	-	version:	-	Trust: 0.3
vendor:	apache	model:	tomcat 9.0.0.m5	scope:	-	version:	-	Trust: 0.3
vendor:	apache	model:	tomcat 9.0.0.m4	scope:	-	version:	-	Trust: 0.3
vendor:	apache	model:	tomcat 9.0.0.m3	scope:	-	version:	-	Trust: 0.3
vendor:	apache	model:	tomcat 9.0.0.m2	scope:	-	version:	-	Trust: 0.3
vendor:	apache	model:	tomcat 9.0.0.m11	scope:	-	version:	-	Trust: 0.3
vendor:	apache	model:	tomcat 9.0.0.m10	scope:	-	version:	-	Trust: 0.3
vendor:	apache	model:	tomcat 9.0.0.m1	scope:	-	version:	-	Trust: 0.3
vendor:	apache	model:	tomcat	scope:	ne	version:	8.5.8	Trust: 0.3
vendor:	apache	model:	tomcat 9.0.0.m13	scope:	ne	version:	-	Trust: 0.3

sources: BID: 94462 // JVNDB: JVNDB-2016-007656 // CNNVD: CNNVD-201611-611 // NVD: CVE-2016-6817

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2016-6817
value:	HIGH
Trust: 1.0
CNNVD:	CNNVD-201611-611
value:	HIGH
Trust: 0.6
VULMON:	CVE-2016-6817
value:	MEDIUM
Trust: 0.1

nvd@nist.gov:	CVE-2016-6817
severity:	MEDIUM
baseScore:	5.0
vectorString:	AV:N/AC:L/AU:N/C:N/I:N/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	PARTIAL
exploitabilityScore:	10.0
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.1

nvd@nist.gov:	CVE-2016-6817
baseSeverity:	HIGH
baseScore:	7.5
vectorString:	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	HIGH
exploitabilityScore:	3.9
impactScore:	3.6
version:	3.0
Trust: 1.0

sources: VULMON: CVE-2016-6817 // CNNVD: CNNVD-201611-611 // NVD: CVE-2016-6817

PROBLEMTYPE DATA

problemtype:

CWE-119

Trust: 1.0

sources: NVD: CVE-2016-6817

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201611-611

TYPE

buffer error

Trust: 0.6

sources: CNNVD: CNNVD-201611-611

CONFIGURATIONS

sources: JVNDB: JVNDB-2016-007656

PATCH

title:	Fixed in Apache Tomcat 8.0.39	url:	https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.0.39	Trust: 0.8
title:	Fixed in Apache Tomcat 7.0.73	url:	https://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.73	Trust: 0.8
title:	Fixed in Apache Tomcat 6.0.48	url:	https://tomcat.apache.org/security-6.html#Fixed_in_Apache_Tomcat_6.0.48	Trust: 0.8
title:	Fixed in Apache Tomcat 9.0.0.M13	url:	https://tomcat.apache.org/security-9.html#Fixed_in_Apache_Tomcat_9.0.0.M13	Trust: 0.8
title:	Fixed in Apache Tomcat 8.5.8	url:	https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.5.8	Trust: 0.8
title:	hitachi-sec-2017-107	url:	http://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/hitachi-sec-2017-107/index.html	Trust: 0.8
title:	hitachi-sec-2019-107	url:	http://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/hitachi-sec-2019-107/index.html	Trust: 0.8
title:	NV17-002	url:	http://jpn.nec.com/security-info/secinfo/nv17-002.html	Trust: 0.8
title:	hitachi-sec-2017-107	url:	http://www.hitachi.co.jp/Prod/comp/soft1/security/info/vuls/hitachi-sec-2017-107/index.html	Trust: 0.8
title:	hitachi-sec-2019-107	url:	http://www.hitachi.co.jp/Prod/comp/soft1/security/info/vuls/hitachi-sec-2019-107/index.html	Trust: 0.8
title:	Apache Tomcat Remediation measures for denial of service vulnerabilities	url:	http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=66020	Trust: 0.6
title:	Red Hat: CVE-2016-6817	url:	https://vulmon.com/vendoradvisory?qidtp=red_hat_cve_database&qid=CVE-2016-6817	Trust: 0.1
title:	Oracle Solaris Third Party Bulletins: Oracle Solaris Third Party Bulletin - January 2017	url:	https://vulmon.com/vendoradvisory?qidtp=oracle_solaris_third_party_bulletins&qid=a2bac27fb002bed513645d4775c7275b	Trust: 0.1
title:	Oracle: Oracle Critical Patch Update Advisory - April 2017	url:	https://vulmon.com/vendoradvisory?qidtp=oracle_advisories&qid=143b3fb255063c81571469eaa3cf0a87	Trust: 0.1
title:	rhsecapi	url:	https://github.com/RedHatOfficial/rhsecapi	Trust: 0.1
title:	rhsecapi	url:	https://github.com/ryran/rhsecapi	Trust: 0.1
title:	rhsecapi	url:	https://github.com/RedHatProductSecurity/cve-pylib	Trust: 0.1
title:	A2:2017 Broken Authentication A5:2017 Broken Access Control A3:2017 Sensitive Data Exposure A6:2017 Security Misconfiguration A9:2017 Using Components with Known Vulnerabilities A10:2017 Insufficient Logging & Monitoring	url:	https://github.com/ilmari666/cybsec	Trust: 0.1

sources: VULMON: CVE-2016-6817 // JVNDB: JVNDB-2016-007656 // CNNVD: CNNVD-201611-611

EXTERNAL IDS

db:	NVD	id:	CVE-2016-6817	Trust: 2.8
db:	BID	id:	94462	Trust: 2.0
db:	SECTRACK	id:	1037330	Trust: 1.7
db:	JVN	id:	JVNVU92250735	Trust: 0.8
db:	JVNDB	id:	JVNDB-2016-007656	Trust: 0.8
db:	CNNVD	id:	CNNVD-201611-611	Trust: 0.6
db:	VULMON	id:	CVE-2016-6817	Trust: 0.1

sources: VULMON: CVE-2016-6817 // BID: 94462 // JVNDB: JVNDB-2016-007656 // CNNVD: CNNVD-201611-611 // NVD: CVE-2016-6817

REFERENCES

url:	http://www.securityfocus.com/bid/94462	Trust: 1.8
url:	http://www.securitytracker.com/id/1037330	Trust: 1.7
url:	https://security.netapp.com/advisory/ntap-20180607-0001/	Trust: 1.7
url:	https://lists.apache.org/thread.html/a9f24571460af003071475b75f18cad81ebcc36fa7c876965a75e32a%40%3cannounce.tomcat.apache.org%3e	Trust: 1.1
url:	https://lists.apache.org/thread.html/343558d982879bf88ec20dbf707f8c11255f8e219e81d45c4f8d0551%40%3cdev.tomcat.apache.org%3e	Trust: 1.1
url:	https://lists.apache.org/thread.html/b5e3f51d28cd5d9b1809f56594f2cf63dcd6a90429e16ea9f83bbedc%40%3cdev.tomcat.apache.org%3e	Trust: 1.1
url:	https://lists.apache.org/thread.html/88855876c33f2f9c532ffb75bfee570ccf0b17ffa77493745af9a17a%40%3cdev.tomcat.apache.org%3e	Trust: 1.1
url:	https://lists.apache.org/thread.html/6af47120905aa7d8fe12f42e8ff2284fb338ba141d3b77b8c7cb61b3%40%3cdev.tomcat.apache.org%3e	Trust: 1.1
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-6816	Trust: 0.8
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-6817	Trust: 0.8
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-8735	Trust: 0.8
url:	http://jvn.jp/vu/jvnvu92250735/index.html	Trust: 0.8
url:	https://nvd.nist.gov/vuln/detail/cve-2016-6816	Trust: 0.8
url:	https://nvd.nist.gov/vuln/detail/cve-2016-6817	Trust: 0.8
url:	https://nvd.nist.gov/vuln/detail/cve-2016-8735	Trust: 0.8
url:	https://lists.apache.org/thread.html/b5e3f51d28cd5d9b1809f56594f2cf63dcd6a90429e16ea9f83bbedc@%3cdev.tomcat.apache.org%3e	Trust: 0.6
url:	https://lists.apache.org/thread.html/88855876c33f2f9c532ffb75bfee570ccf0b17ffa77493745af9a17a@%3cdev.tomcat.apache.org%3e	Trust: 0.6
url:	https://lists.apache.org/thread.html/a9f24571460af003071475b75f18cad81ebcc36fa7c876965a75e32a@%3cannounce.tomcat.apache.org%3e	Trust: 0.6
url:	https://lists.apache.org/thread.html/343558d982879bf88ec20dbf707f8c11255f8e219e81d45c4f8d0551@%3cdev.tomcat.apache.org%3e	Trust: 0.6
url:	https://lists.apache.org/thread.html/6af47120905aa7d8fe12f42e8ff2284fb338ba141d3b77b8c7cb61b3@%3cdev.tomcat.apache.org%3e	Trust: 0.6
url:	http://tomcat.apache.org/	Trust: 0.3
url:	http://tomcat.apache.org/security-8.html	Trust: 0.3
url:	http://tomcat.apache.org/security-9.html	Trust: 0.3
url:	http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html	Trust: 0.3
url:	https://www.oracle.com/technetwork/topics/security/bulletinjan2017-3431551.html	Trust: 0.3
url:	https://cwe.mitre.org/data/definitions/119.html	Trust: 0.1
url:	https://nvd.nist.gov	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2016-6817	Trust: 0.1
url:	https://github.com/redhatofficial/rhsecapi	Trust: 0.1

sources: VULMON: CVE-2016-6817 // BID: 94462 // JVNDB: JVNDB-2016-007656 // CNNVD: CNNVD-201611-611 // NVD: CVE-2016-6817

CREDITS

The vendor reported this issue.

Trust: 0.3

sources: BID: 94462

SOURCES

db:	VULMON	id:	CVE-2016-6817
db:	BID	id:	94462
db:	JVNDB	id:	JVNDB-2016-007656
db:	CNNVD	id:	CNNVD-201611-611
db:	NVD	id:	CVE-2016-6817

LAST UPDATE DATE

2024-08-14T13:05:27.091000+00:00

SOURCES UPDATE DATE

db:	VULMON	id:	CVE-2016-6817	date:	2023-12-08T00:00:00
db:	BID	id:	94462	date:	2017-05-02T01:06:00
db:	JVNDB	id:	JVNDB-2016-007656	date:	2019-04-12T00:00:00
db:	CNNVD	id:	CNNVD-201611-611	date:	2019-04-16T00:00:00
db:	NVD	id:	CVE-2016-6817	date:	2023-12-08T16:41:18.860

SOURCES RELEASE DATE

db:	VULMON	id:	CVE-2016-6817	date:	2017-08-10T00:00:00
db:	BID	id:	94462	date:	2016-11-22T00:00:00
db:	JVNDB	id:	JVNDB-2016-007656	date:	2017-03-09T00:00:00
db:	CNNVD	id:	CNNVD-201611-611	date:	2016-11-22T00:00:00
db:	NVD	id:	CVE-2016-6817	date:	2017-08-10T22:29:00.233