Apache Tomcat does not enforce the maxHttpHeaderSize limit

Apache Tomcat 7.0.0 through 7.0.6 and 6.0.0 through 6.0.30 does not enforce the maxHttpHeaderSize limit for requests involving the NIO HTTP connector, which allows remote attackers to cause a denial of service OutOfMemoryError via a crafted request...

Ubuntu Update for tomcat6 vulnerabilities USN-1097-1

Ubuntu Update for Linux kernel vulnerabilities USN-1097-1 OpenVAS Vulnerability Test $Id: gbubuntuUSN10971.nasl 7964 2017-12-01 07:32:11Z santu $ Ubuntu Update for tomcat6 vulnerabilities USN-1097-1 Authors: System Generated Check Copyright: Copyright c 2011 Greenbone Networks GmbH,...

USN-1097-1: Tomcat vulnerabilities

It was discovered that the Tomcat SecurityManager did not properly restrict the working directory. An attacker could use this flaw to read or write files outside of the intended working directory. CVE-2010-3718 It was discovered that Tomcat did not properly escape certain parameters in the Manage...

[SECURITY] CVE-2011-0534 Apache Tomcat DoS vulnerability

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 CVE-2011-0534 Apache Tomcat DoS vulnerability Severity: Important Vendor: The Apache Software Foundation Versions Affected: - - Tomcat 7.0.0 to 7.0.6 - - Tomcat 6.0.0 to 6.0.30 Description: Tomcat did not enforce the maxHttpHeaderSize limit while...