Denial Of Service (DoS)

HTTPS NIO Connector is vulnerable to Denial Of Service DoS attacks. The component Socket Handler's functionality is affected by opening a socket and not sending an SSL handshake which results in a read-timeout vulnerability...

RHEL 7 : Red Hat JBoss Enterprise Application Platform 6.4.7 update (Moderate) (RHSA-2016:0597)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2016:0597 advisory. - tomcat: non-persistent DoS attack by feeding data by aborting an upload CVE-2014-0230 - EAP: HTTPS NIO connector uses no timeout when...

CVE-2016-2094

The HTTPS NIO Connector allows remote attackers to cause a denial of service thread consumption by opening a socket and not sending an SSL handshake, aka a read-timeout vulnerability...

CVE-2016-2094

The HTTPS NIO Connector allows remote attackers to cause a denial of service thread consumption by opening a socket and not sending an SSL handshake, aka a read-timeout vulnerability...

CVE-2016-2094

The HTTPS NIO Connector allows remote attackers to cause a denial of service thread consumption by opening a socket and not sending an SSL handshake, aka a read-timeout vulnerability...

Moderate: Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 6.4.7 update

A Red Hat JBoss Enterprise Application Platform update is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is availab...

EAP: HTTPS NIO connector uses no timeout when reading SSL handshake from client

A read-timeout flaw was found in the HTTPS NIO Connector handling of SSL handshakes. A remote, unauthenticated attacker could create a socket and cause a thread to remain occupied indefinitely so long as the socket remained open denial of service...