CVE-2013-4322 PoC — Apache Tomcat 输入验证错误漏洞

Source

https://github.com/LiviuPtr/CVE-2013-4322_PoC

Associated Vulnerability

Title:Apache Tomcat 输入验证错误漏洞 (CVE-2013-4322)
Description:Apache Tomcat是美国阿帕奇（Apache）软件基金会的一款轻量级Web应用服务器。该程序实现了对Servlet和JavaServer Page（JSP）的支持。 Apache Tomcat中存在输入验证漏洞。当处理分块传输编码时，远程攻击者可借助大量的分块数据或使用畸形的HTTP头利用该漏洞造成拒绝服务。以下版本受到影响：Apache Tomcat 6.0.37及之前的版本，7.0.47之前的7.x版本，8.0.0-RC3之前的8.x版本。

Description

A simple python script PoC demonstrating the slow POST chunked transmission vulnerability.

File Snapshot


 None

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).

3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.

Goal Reached Thanks to every supporter — we hit 100%!