When using the NIO connector with sendfile and HTTPS enabled, if a client breaks the connection while reading the response an infinite loop is entered leading to a denial of service. Tomcat versions 6.0.0 through 6.0.35 and 7.0.0 through 7.0.27 are affected.
6afeb9d776681b81c074822aa40b6c5c5f366a02d179b63da64bea40dbcc6900CVE-2012-4534 Apache Tomcat denial of service
Severity: Important
Vendor: The Apache Software Foundation
Versions Affected:
- Tomcat 7.0.0 to 7.0.27
- Tomcat 6.0.0 to 6.0.35
Description:
When using the NIO connector with sendfile and HTTPS enabled, if a
client breaks the connection while reading the response an infinite loop
is entered leading to a denial of service. This was originally reported
as https://issues.apache.org/bugzilla/show_bug.cgi?id=52858.
Mitigation:
Users of affected versions should apply one of the following mitigations:
- Tomcat 7.0.x users should upgrade to 7.0.28 or later
- Tomcat 6.0.x users should upgrade to 6.0.36 or later
Credit:
The security implications of this bug were identified by Arun Neelicattu
of the Red Hat Security Response Team.
References:
http://tomcat.apache.org/security.html
http://tomcat.apache.org/security-7.html
http://tomcat.apache.org/security-6.html
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed