ID de Prueba:	1.3.6.1.4.1.25623.1.0.146893
Categoría:	Web Servers
Título:	Apache Tomcat DoS Vulnerability (Mar 2015) - Linux
Resumen:	Apache Tomcat is prone to denial of service (DoS); vulnerability.
Descripción:	Summary: Apache Tomcat is prone to denial of service (DoS) vulnerability. Vulnerability Insight: The flaw is due to ChunkedInputFilter implementation in Apache Tomcat did not fail subsequent attempts to read input after a failure occurred. Vulnerability Impact: Successful exploitation will allow remote attackers to perform a denial of service attack by streaming an unlimited quantity of data, leading to excessive consumption of system resources. Affected Software/OS: Apache Tomcat 6.x before 6.0.42, 7.x before 7.0.55, and 8.x before 8.0.9. Solution: Update to version 6.0.42, 7.0.55, 8.0.9 or later. CVSS Score: 6.4 CVSS Vector: AV:N/AC:L/Au:N/C:N/I:P/A:P
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2014-0227 BugTraq ID: 72717 http://www.securityfocus.com/bid/72717 Bugtraq: 20150209 [SECURITY] CVE-2014-0227 Apache Tomcat Request Smuggling (Google Search) http://archives.neohapsis.com/archives/bugtraq/2015-02/0067.html Debian Security Information: DSA-3447 (Google Search) http://www.debian.org/security/2016/dsa-3447 Debian Security Information: DSA-3530 (Google Search) http://www.debian.org/security/2016/dsa-3530 http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150282.html HPdes Security Advisory: HPSBUX03337 http://marc.info/?l=bugtraq&m=143403519711434&w=2 HPdes Security Advisory: HPSBUX03341 http://marc.info/?l=bugtraq&m=143393515412274&w=2 HPdes Security Advisory: SSRT102066 HPdes Security Advisory: SSRT102068 http://www.mandriva.com/security/advisories?name=MDVSA-2015:052 http://www.mandriva.com/security/advisories?name=MDVSA-2015:053 http://www.mandriva.com/security/advisories?name=MDVSA-2015:084 https://lists.apache.org/thread.html/b8a1bf18155b552dcf9a928ba808cbadad84c236d85eab3033662cfb@%3Cdev.tomcat.apache.org%3E https://lists.apache.org/thread.html/39ae1f0bd5867c15755a6f959b271ade1aea04ccdc3b2e639dcd903b@%3Cdev.tomcat.apache.org%3E https://lists.apache.org/thread.html/37220405a377c0182d2afdbc36461c4783b2930fbeae3a17f1333113@%3Cdev.tomcat.apache.org%3E https://lists.apache.org/thread.html/b84ad1258a89de5c9c853c7f2d3ad77e5b8b2930be9e132d5cef6b95@%3Cdev.tomcat.apache.org%3E https://lists.apache.org/thread.html/r03c597a64de790ba42c167efacfa23300c3d6c9fe589ab87fe02859c@%3Cdev.tomcat.apache.org%3E https://lists.apache.org/thread.html/r587e50b86c1a96ee301f751d50294072d142fd6dc08a8987ae9f3a9b@%3Cdev.tomcat.apache.org%3E https://lists.apache.org/thread.html/r9136ff5b13e4f1941360b5a309efee2c114a14855578c3a2cbe5d19c@%3Cdev.tomcat.apache.org%3E RedHat Security Advisories: RHSA-2015:0675 http://rhn.redhat.com/errata/RHSA-2015-0675.html RedHat Security Advisories: RHSA-2015:0720 http://rhn.redhat.com/errata/RHSA-2015-0720.html RedHat Security Advisories: RHSA-2015:0765 http://rhn.redhat.com/errata/RHSA-2015-0765.html RedHat Security Advisories: RHSA-2015:0983 http://rhn.redhat.com/errata/RHSA-2015-0983.html RedHat Security Advisories: RHSA-2015:0991 http://rhn.redhat.com/errata/RHSA-2015-0991.html http://www.securitytracker.com/id/1032791 http://www.ubuntu.com/usn/USN-2654-1 http://www.ubuntu.com/usn/USN-2655-1
Copyright	Copyright (C) 2021 Greenbone Networks GmbH

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.