Lucene search
K

4 matches found

RedHat Linux
RedHat Linux
added 2015/02/17 10:27 p.m.3 views

Tomcat/JBossWeb: Limited DoS in chunked transfer encoding input filter

It was discovered that JBoss Web / Apache Tomcat did not limit the length of chunk sizes when using chunked transfer encoding. A remote attacker could use this flaw to perform a denial of service attack against JBoss Web / Apache Tomcat by streaming an unlimited quantity of data, leading to...

5CVSS6.7AI score0.2006EPSS
Exploits1References4
FreeBSD
FreeBSD
added 2015/02/04 12:0 a.m.60 views

apache24 -- multiple vulnerabilities

Jim Jagielski reports: CVE-2015-3183 cve.mitre.org core: Fix chunk header parsing defect. Remove aprbrigadeflatten, buffering and duplicated code from the HTTPIN filter, parse chunks in a single pass with zero copy. Limit accepted chunk-size to 2^63-1 and be strict about chunk-ext authorized...

5CVSS7.3AI score0.73327EPSS
Exploits0References1
RedHat Linux
RedHat Linux
added 2014/07/07 2:49 p.m.3 views

Tomcat/JBossWeb: Limited DoS in chunked transfer encoding input filter

It was discovered that JBoss Web / Apache Tomcat did not limit the length of chunk sizes when using chunked transfer encoding. A remote attacker could use this flaw to perform a denial of service attack against JBoss Web / Apache Tomcat by streaming an unlimited quantity of data, leading to...

5CVSS6.7AI score0.2006EPSS
Exploits1References4
RedHat Linux
RedHat Linux
added 2014/07/03 5:1 p.m.5 views

Tomcat/JBossWeb: Limited DoS in chunked transfer encoding input filter

It was discovered that JBoss Web / Apache Tomcat did not limit the length of chunk sizes when using chunked transfer encoding. A remote attacker could use this flaw to perform a denial of service attack against JBoss Web / Apache Tomcat by streaming an unlimited quantity of data, leading to...

5CVSS6.7AI score0.2006EPSS
Exploits1References4
Rows per page
Query Builder