Описание
java/org/apache/coyote/http11/InternalNioInputBuffer.java in the HTTP NIO connector in Apache Tomcat 6.x before 6.0.36 and 7.x before 7.0.28 does not properly restrict the request-header size, which allows remote attackers to cause a denial of service (memory consumption) via a large amount of header data.
| Релиз | Статус | Примечание |
|---|---|---|
| devel | not-affected | 6.0.35-5+nmu1 |
| hardy | DNE | |
| lucid | released | 6.0.24-2ubuntu1.11 |
| oneiric | released | 6.0.32-5ubuntu1.3 |
| precise | released | 6.0.35-1ubuntu3.1 |
| quantal | released | 6.0.35-5ubuntu0.1 |
| raring | not-affected | 6.0.35-5+nmu1 |
| upstream | released | 6.0.35-5+nmu1 |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| devel | not-affected | |
| hardy | DNE | |
| lucid | DNE | |
| oneiric | released | 7.0.21-1ubuntu0.1 |
| precise | released | 7.0.26-1ubuntu1.2 |
| quantal | not-affected | 7.0.30-0ubuntu1 |
| raring | not-affected | |
| upstream | released | 7.0.28-1 |
Показывать по
5 Medium
CVSS2
Связанные уязвимости
java/org/apache/coyote/http11/InternalNioInputBuffer.java in the HTTP NIO connector in Apache Tomcat 6.x before 6.0.36 and 7.x before 7.0.28 does not properly restrict the request-header size, which allows remote attackers to cause a denial of service (memory consumption) via a large amount of header data.
java/org/apache/coyote/http11/InternalNioInputBuffer.java in the HTTP NIO connector in Apache Tomcat 6.x before 6.0.36 and 7.x before 7.0.28 does not properly restrict the request-header size, which allows remote attackers to cause a denial of service (memory consumption) via a large amount of header data.
java/org/apache/coyote/http11/InternalNioInputBuffer.java in the HTTP ...
java/org/apache/coyote/http11/InternalNioInputBuffer.java in the HTTP NIO connector in Apache Tomcat 6.x before 6.0.36 and 7.x before 7.0.28 does not properly restrict the request-header size, which allows remote attackers to cause a denial of service (memory consumption) via a large amount of header data.
5 Medium
CVSS2