Описание
Apache Tomcat 7.0.0 through 7.0.6 and 6.0.0 through 6.0.30 does not enforce the maxHttpHeaderSize limit for requests involving the NIO HTTP connector, which allows remote attackers to cause a denial of service (OutOfMemoryError) via a crafted request.
| Релиз | Статус | Примечание |
|---|---|---|
| dapper | DNE | |
| devel | not-affected | 6.0.28-10 |
| hardy | DNE | |
| karmic | released | 6.0.20-2ubuntu2.4 |
| lucid | released | 6.0.24-2ubuntu1.7 |
| maverick | released | 6.0.28-2ubuntu1.2 |
| upstream | needs-triage |
Показывать по
5 Medium
CVSS2
Связанные уязвимости
Apache Tomcat 7.0.0 through 7.0.6 and 6.0.0 through 6.0.30 does not enforce the maxHttpHeaderSize limit for requests involving the NIO HTTP connector, which allows remote attackers to cause a denial of service (OutOfMemoryError) via a crafted request.
Apache Tomcat 7.0.0 through 7.0.6 and 6.0.0 through 6.0.30 does not enforce the maxHttpHeaderSize limit for requests involving the NIO HTTP connector, which allows remote attackers to cause a denial of service (OutOfMemoryError) via a crafted request.
Apache Tomcat 7.0.0 through 7.0.6 and 6.0.0 through 6.0.30 does not en ...
Apache Tomcat does not enforce the maxHttpHeaderSize limit
ELSA-2011-0335: tomcat6 security and bug fix update (IMPORTANT)
5 Medium
CVSS2