jetlib.sec » Bugtraq » [SECURITY] CVE-2012-0022 Apache Tomcat Denial of Service

Feeds

132963 items (0 unread) in 27 feeds

• 1337day (was: Inj3ct0r, 1337db)
• OSVDB Vulnerabilities
• Exploit-DB
• SecurityFocus Vulnerabilities
• Bugtraq
• Full Disclosure
• XSSed
• Packet Storm Security Headlines
• Packet Storm Security Advisories
• Packet Storm Security Exploits
• Packet Storm Security Recent Files
• Packet Storm Security Tools
• Packet Storm Security Misc. Files
• Sophos security news
• Sophos product advisories
• Penetration Testing
• SecuriTeam
• BackTrack Linux Forums
• Threatpost
• SecDocs
• carnal0wnage.attackresearch.com
• Carnal0wnage
• Kernel Fun
• Darknet
• The Exploitant
• Hack a Day
• Wirevolution

Bugtraq

• January 17, 2012
• 

  [SECURITY] CVE-2012-0022 Apache Tomcat Denial of Service

  Posted: January 17th, 2012, 6:46am PST

  Tags:   

  Posted by Mark Thomas on Jan 17

  CVE-2012-0022 Apache Tomcat Denial of Service
  
  Severity: Important
  
  Vendor: The Apache Software Foundation
  
  Versions Affected:
  - Tomcat 7.0.0 to 7.0.22
  - Tomcat 6.0.0 to 6.0.33
  - Tomcat 5.5.0 to 5.5.34
  - Earlier, unsupported versions may also be affected
  
  Description:
  Analysis of the recent hash collision vulnerability identified unrelated
  inefficiencies with Apache Tomcat's handling of large numbers of
  parameters and parameter values. These...