46 matches found
CVE-2016-2094
The HTTPS NIO Connector allows remote attackers to cause a denial of service thread consumption by opening a socket and not sending an SSL handshake, aka a read-timeout vulnerability...
EAP: HTTPS NIO connector uses no timeout when reading SSL handshake from client
A read-timeout flaw was found in the HTTPS NIO Connector handling of SSL handshakes. A remote, unauthenticated attacker could create a socket and cause a thread to remain occupied indefinitely so long as the socket remained open denial of service...
EAP: HTTPS NIO connector uses no timeout when reading SSL handshake from client
A read-timeout flaw was found in the HTTPS NIO Connector handling of SSL handshakes. A remote, unauthenticated attacker could create a socket and cause a thread to remain occupied indefinitely so long as the socket remained open denial of service...
EAP: HTTPS NIO connector uses no timeout when reading SSL handshake from client
A read-timeout flaw was found in the HTTPS NIO Connector handling of SSL handshakes. A remote, unauthenticated attacker could create a socket and cause a thread to remain occupied indefinitely so long as the socket remained open denial of service...
httpd: Reverse proxy sends wrong responses after time-outs
modproxy in httpd in Apache HTTP Server 2.2.9, when running on Unix, does not close the backend connection if a timeout occurs when reading a response from a persistent connection, which allows remote attackers to obtain a potentially sensitive response intended for a different client in...
DEBIAN-CVE-2010-2791
modproxy in httpd in Apache HTTP Server 2.2.9, when running on Unix, does not close the backend connection if a timeout occurs when reading a response from a persistent connection, which allows remote attackers to obtain a potentially sensitive response intended for a different client in...