
CVE-2018-1336

Status Candidate

Overview

Improper handling of overflow in the UTF-8 decoder with supplementary characters can lead to an infinite loop in the decoder, causing a denial of service. Versions affected: Apache Tomcat 9.0.0.M9 to 9.0.7, 8.5.0 to 8.5.30, 8.0.0.RC1 to 8.0.51, and 7.0.28 to 7.0.86.

Related Files

Red Hat Security Advisory 2018-3768-01
Posted Dec 6, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-3768-01 - Red Hat Fuse enables integration experts, application developers, and business users to collaborate and independently develop connected solutions. Fuse is part of an agile integration solution. Its distributed approach allows teams to deploy integrated services where required. The API-centric, container-based architecture decouples services so they can be created, extended, and deployed independently. This release of Red Hat Fuse 7.2 serves as a replacement for Red Hat Fuse 7.1, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References. Issues addressed include code execution, denial of service, deserialization, and traversal vulnerabilities.

tags | advisory, denial of service, vulnerability, code execution
systems | linux, redhat
advisories | CVE-2016-5002, CVE-2016-5003, CVE-2017-12196, CVE-2018-12537, CVE-2018-1257, CVE-2018-1259, CVE-2018-1288, CVE-2018-1336, CVE-2018-8014, CVE-2018-8018, CVE-2018-8039, CVE-2018-8041
MD5 | 6379aa8994b8c9b0a411a17b70ade8a9

Red Hat Security Advisory 2018-3768-01 listing ends above; next entry:
Red Hat Security Advisory 2018-2945-01
Posted Oct 18, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-2945-01 - Red Hat Openshift Application Runtimes provides an application platform that reduces the complexity of developing and operating applications for OpenShift as a containerized platform. This release of RHOAR Spring Boot 1.5.16 serves as a replacement for RHOAR Spring Boot 1.5.15, and includes bug fixes and enhancements. For further information, refer to the Release Notes linked to in the References section. Issues addressed include a denial of service vulnerability.

tags | advisory, denial of service
systems | linux, redhat
advisories | CVE-2018-1336
MD5 | 0ffe81da03b202a9d03e29d0b7501071

Red Hat Security Advisory 2018-2939-01
Posted Oct 18, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-2939-01 - Red Hat Fuse Integration Services provides a set of tools and containerized xPaaS images that enable development, deployment, and management of integration microservices within OpenShift. Security fixes: jackson-databind: incomplete fix for CVE-2017-7525 permits unsafe serialization via c3p0 libraries; spring-framework: address partial fix for CVE-2018-1270. Issues addressed include bypass, code execution, denial of service, and traversal vulnerabilities.

tags | advisory, denial of service, vulnerability, code execution
systems | linux, redhat
advisories | CVE-2017-12617, CVE-2018-1260, CVE-2018-1270, CVE-2018-1271, CVE-2018-1275, CVE-2018-1304, CVE-2018-1305, CVE-2018-1336, CVE-2018-7489
MD5 | a81bee41629f0971103daec531920d5c

Red Hat Security Advisory 2018-2930-01
Posted Oct 17, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-2930-01 - Red Hat JBoss Operations Network is a Middleware management solution that provides a single point of control to deploy, manage, and monitor JBoss Enterprise Middleware, applications, and services. This JBoss Operations Network 3.3.11 release serves as a replacement for JBoss Operations Network 3.3.10, and includes several bug fixes. Issues addressed include code execution, denial of service, and deserialization vulnerabilities.

tags | advisory, denial of service, vulnerability, code execution
systems | linux, redhat
advisories | CVE-2017-17485, CVE-2018-12533, CVE-2018-1336, CVE-2018-8088
MD5 | 7f44f8a54ec3fcefaa6f8a25aa193dba

Red Hat Security Advisory 2018-2921-01
Posted Oct 16, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-2921-01 - Apache Tomcat is a servlet container for the Java Servlet and JavaServer Pages technologies. Issues addressed include a denial of service vulnerability.

tags | advisory, java, denial of service
systems | linux, redhat
advisories | CVE-2018-1336
MD5 | ff8868258d733db9eeb0af659bcbdd85

Red Hat Security Advisory 2018-2743-01
Posted Sep 25, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-2743-01 - Red Hat JBoss Enterprise Application Platform is a platform for Java applications based on the JBoss Application Server. This release of Red Hat JBoss Enterprise Application Platform 6.4.21 serves as a replacement for Red Hat JBoss Enterprise Application Platform 6.4.20, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References. Issues addressed include a denial of service vulnerability.

tags | advisory, java, denial of service
systems | linux, redhat
advisories | CVE-2017-2582, CVE-2017-7536, CVE-2018-10237, CVE-2018-1336
MD5 | eb83f5d59a02396163f2735051a86c96

Red Hat Security Advisory 2018-2740-01
Posted Sep 25, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-2740-01 - Red Hat JBoss Enterprise Application Platform is a platform for Java applications based on the JBoss Application Server. This release of Red Hat JBoss Enterprise Application Platform 6.4.21 serves as a replacement for Red Hat JBoss Enterprise Application Platform 6.4.20, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References. Issues addressed include a denial of service vulnerability.

tags | advisory, java, denial of service
systems | linux, redhat
advisories | CVE-2017-2582, CVE-2017-7536, CVE-2018-10237, CVE-2018-1336
MD5 | 151e50ffae36735d7e910ae9171877a1

Red Hat Security Advisory 2018-2742-01
Posted Sep 24, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-2742-01 - Red Hat JBoss Enterprise Application Platform is a platform for Java applications based on the JBoss Application Server. This release of Red Hat JBoss Enterprise Application Platform 6.4.21 serves as a replacement for Red Hat JBoss Enterprise Application Platform 6.4.20, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References. Issues addressed include a denial of service vulnerability.

tags | advisory, java, denial of service
systems | linux, redhat
advisories | CVE-2017-2582, CVE-2017-7536, CVE-2018-10237, CVE-2018-1336
MD5 | f76fe3b57a064aefff65035714bcde28

Red Hat Security Advisory 2018-2741-01
Posted Sep 24, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-2741-01 - Red Hat JBoss Enterprise Application Platform is a platform for Java applications based on the JBoss Application Server. This release of Red Hat JBoss Enterprise Application Platform 6.4.21 serves as a replacement for Red Hat JBoss Enterprise Application Platform 6.4.20, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References. Issues addressed include a denial of service vulnerability.

tags | advisory, java, denial of service
systems | linux, redhat
advisories | CVE-2017-2582, CVE-2017-7536, CVE-2018-10237, CVE-2018-1336
MD5 | 6ab6388748f66275262471b29e11de9e

Red Hat Security Advisory 2018-2701-01
Posted Sep 13, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-2701-01 - Red Hat JBoss Web Server is a fully integrated and certified set of components for hosting Java web applications. It is comprised of the Apache HTTP Server, the Apache Tomcat Servlet container, Apache Tomcat Connector, JBoss HTTP Connector, Hibernate, and the Tomcat Native library. This release of Red Hat JBoss Web Server 3.1 Service Pack 5 serves as a replacement for Red Hat JBoss Web Server 3.1, and includes bug fixes, which are documented in the Release Notes document linked to in the References. Issues addressed include a denial of service vulnerability.

tags | advisory, java, web, denial of service
systems | linux, redhat
advisories | CVE-2018-1336
MD5 | c1ec2a452487dc0b8e2d9f2a129a2558

Red Hat Security Advisory 2018-2700-01
Posted Sep 13, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-2700-01 - Red Hat JBoss Web Server is a fully integrated and certified set of components for hosting Java web applications. It is comprised of the Apache HTTP Server, the Apache Tomcat Servlet container, Apache Tomcat Connector, JBoss HTTP Connector, Hibernate, and the Tomcat Native library. This release of Red Hat JBoss Web Server 3.1 Service Pack 5 serves as a replacement for Red Hat JBoss Web Server 3.1, and includes bug fixes, which are documented in the Release Notes document linked to in the References. Issues addressed include a denial of service vulnerability.

tags | advisory, java, web, denial of service
systems | linux, redhat
advisories | CVE-2018-1336
MD5 | 630cabf1a1c0aa7715f1511ab0c02a93

Debian Security Advisory 4281-1
Posted Aug 29, 2018
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4281-1 - Several issues were discovered in the Tomcat servlet and JSP engine. They could lead to unauthorized access to protected resources, denial-of-service, or information leak.

tags | advisory
systems | linux, debian
advisories | CVE-2018-1304, CVE-2018-1305, CVE-2018-1336, CVE-2018-8034, CVE-2018-8037
MD5 | 618cacbcabcb734a39fc3a1dc8ca8cc4

Ubuntu Security Notice USN-3723-1
Posted Jul 25, 2018
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3723-1 - It was discovered that Tomcat incorrectly handled decoding certain UTF-8 strings. A remote attacker could possibly use this issue to cause Tomcat to crash, resulting in a denial of service. It was discovered that the Tomcat WebSocket client incorrectly performed hostname verification. A remote attacker could possibly use this issue to intercept sensitive information.

tags | advisory, remote, denial of service
systems | linux, ubuntu
advisories | CVE-2018-1336, CVE-2018-8034
MD5 | 2b2b54fad46680e7c1f4ff2862e94921

© 2019 Packet Storm. All rights reserved.