
Test ID: 1.3.6.1.4.1.25623.1.0.146268
Category: Web Servers
Title: Apache Tomcat DoS Vulnerability (Jul 2021) - Linux
Summary: Apache Tomcat is prone to a denial of service (DoS) vulnerability.
Description:
Summary:
Apache Tomcat is prone to a denial of service (DoS) vulnerability.

Vulnerability Insight:
An error introduced as part of a change to improve error handling
during non-blocking I/O means that the error flag associated with the Request object is not reset
between requests. This means that once a non-blocking I/O error occurs, all future requests
handled by that request object will fail. Users are able to trigger non-blocking I/O errors,
e.g. by dropping a connection, thereby creating the possibility of triggering a DoS.

Applications that do not use non-blocking I/O are not exposed to this vulnerability.

Affected Software/OS:
Apache Tomcat 8.5.64, 9.0.44 and 10.0.3 through 10.0.4.

Solution:
Update to version 8.5.65, 9.0.45, 10.0.5 or later.

CVSS Score:
5.0

CVSS Vector:
AV:N/AC:L/Au:N/C:N/I:N/A:P

Cross-reference: Common Vulnerabilities and Exposures (CVE) ID: CVE-2021-30639
https://kc.mcafee.com/corporate/index?page=content&id=SB10366
https://security.netapp.com/advisory/ntap-20210827-0007/
https://security.gentoo.org/glsa/202208-34
https://lists.apache.org/thread.html/rd84fae1f474597bdf358f5bdc0a5c453c507bd527b83e8be6b5ea3f4%40%3Cannounce.tomcat.apache.org%3E
https://www.oracle.com/security-alerts/cpujan2022.html
https://lists.apache.org/thread.html/r79a7c019712b39aedf7cf4da9276d80610f04441b2a4f6506cb2daaf@%3Cdev.tomcat.apache.org%3E
https://lists.apache.org/thread.html/r79a7c019712b39aedf7cf4da9276d80610f04441b2a4f6506cb2daaf@%3Cusers.tomcat.apache.org%3E
Copyright: Copyright (C) 2021 Greenbone Networks GmbH
