|
Family: Denial of Service --> Category: infos
Apache Tomcat Remote Malformed Request Denial Of Service Vulnerability Vulnerability Scan
Vulnerability Scan Summary Checks for remote malformed request denial of service vulnerability in Apache Tomcat
Detailed Explanation for this Vulnerability Test
Synopsis :
The remote AJP connector is affected by a denial of service issue.
Description :
According to its banner, the version of Apache Tomcat installed on the
remote host suffers from a denial of service vulnerability due to its
failure to handle malformed input. By submitting a specially-crafted
AJP12 request, an unauthenticated attacker can cause Tomcat to stop
responding. At present, details on the specific nature of such
requests are not generally known.
See also :
http://www.kb.cert.org/vuls/id/JGEI-6A2LEF
Solution :
Upgrade to Apache Tomcat version 5.x or later.
Threat Level:
Low / CVSS Base Score : 2
(AV:R/AC:L/Au:NR/C:N/A:P/I:N/B:N)
Click HERE for more information and discussions on this network vulnerability scan.
|