Hi,
We are using Tomcat 7.0.40 as web server. It deploys a REST based(Jersey)
web application where few requests are multipart requests. These requests
accept byte array input.
We tried to reproduce this vulnerability by sending more than 4091
characters in the boundary field. The request failed
bo zhao wrote:
I had modified the os ulimit parameter: open files and max processes, after
that, Tomcat does't exit unexpectedly, and the log of Tomcat have not the
... pause, ... init. It seems work normally.
But I still don't know the reason. I want to know if the two parameter is
the key to
From: Aditi Sinha [mailto:adisinha0...@gmail.com]
Subject: Need info on CVE-2014-0050
We are using Tomcat 7.0.40 as web server.
How can we confirm if our application is vulnerable or not to CVE-2014-0050?
Read the relevant security pages:
http://tomcat.apache.org/security-7.html
Thanks Chuck. We are not using Apache Commons FileUpload or Tomcat's
implementation of FileUpload.