subject:"\[SECURITY\] CVE\-2014\-0227 Apache Tomcat Request Smuggling"

Re: [SECURITY] CVE-2014-0227 Apache Tomcat Request Smuggling

2015-02-09 Thread Christopher Schultz

Sebb, On 2/9/15 6:24 AM, sebb wrote: > On 9 February 2015 at 09:12, Mark Thomas wrote: > CVE-2014-0227 Request Smuggling > > Severity: Important > > Vendor: The Apache Software Foundation > > Versions Affected: > - Apache Tomcat 8.0.0-RC1 to 8.0.8 > - Apache Tomcat 7.0.0 to 7.0.54 > - Apache T

Re: [SECURITY] CVE-2014-0227 Apache Tomcat Request Smuggling

2015-02-09 Thread sebb

On 9 February 2015 at 09:12, Mark Thomas wrote: > -BEGIN PGP SIGNED MESSAGE- > Hash: SHA1 > > CVE-2014-0227 Request Smuggling > > Severity: Important > > Vendor: The Apache Software Foundation > > Versions Affected: > - - Apache Tomcat 8.0.0-RC1 to 8.0.8 > - - Apache Tomcat 7.0.0 to 7.0.54

[SECURITY] CVE-2014-0227 Apache Tomcat Request Smuggling

2015-02-09 Thread Mark Thomas

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 CVE-2014-0227 Request Smuggling Severity: Important Vendor: The Apache Software Foundation Versions Affected: - - Apache Tomcat 8.0.0-RC1 to 8.0.8 - - Apache Tomcat 7.0.0 to 7.0.54 - - Apache Tomcat 6.0.0 to 6.0.41 Description: It was possible to c