Summary
This host is running Apache Tomcat and is prone to a denial-of-service vulnerability.
Impact
Successful exploitation will allow remote attackers to trigger a denial-of-service condition in the affected software.
Impact Level: Application
Solution
Upgrade Apache Tomcat to version 6.0.32, 7.0.8 or later. For updates, refer to http://tomcat.apache.org
Insight
Tomcat did not enforce the maxHttpHeaderSize limit while parsing the request line in the NIO HTTP connector. A specially crafted request could trigger a DoS via an OutOfMemoryError.
Affected
Apache Tomcat version 6.0.x before 6.0.32
Apache Tomcat version 7.0.x before 7.0.8
Detection
Get the installed version of Apache Tomcat with the help of the detect NVT and check whether the version is vulnerable.
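The version check described above, combined with a look at whether the NIO HTTP connector named under Insight is configured, as an added example (not the NVT's own code). The function names and the sample server.xml are constructed for illustration; the version ranges are the ones listed under Affected.

```python
import re
import xml.etree.ElementTree as ET

# From the advisory: (major, minor) branch -> first fixed patch level
FIXED = {(6, 0): 32, (7, 0): 8}
NIO_PROTOCOL = "org.apache.coyote.http11.Http11NioProtocol"

def version_affected(text):
    """True if a string such as 'Apache Tomcat/6.0.29' is in an affected range."""
    m = re.search(r"(\d+)\.(\d+)\.(\d+)", text)
    if not m:
        return False  # no parsable version: cannot claim it is affected
    major, minor, patch = (int(g) for g in m.groups())
    fixed = FIXED.get((major, minor))
    return fixed is not None and patch < fixed

def nio_connectors(server_xml):
    """Ports of <Connector> elements that use the NIO HTTP protocol handler."""
    root = ET.fromstring(server_xml)
    return [c.get("port") for c in root.iter("Connector")
            if c.get("protocol") == NIO_PROTOCOL]

def assess(version_text, server_xml):
    if not version_affected(version_text):
        return "version not in the affected ranges"
    ports = nio_connectors(server_xml)
    if ports:
        return "affected version, NIO HTTP connector on port(s) " + ", ".join(ports)
    return "affected version, no NIO HTTP connector configured"

# Constructed sample configuration (not taken from a real host)
SAMPLE_SERVER_XML = """<Server port="8005" shutdown="SHUTDOWN">
  <Service name="Catalina">
    <Connector port="8080" protocol="HTTP/1.1" maxHttpHeaderSize="8192"/>
    <Connector port="8443" maxHttpHeaderSize="8192"
               protocol="org.apache.coyote.http11.Http11NioProtocol"/>
  </Service>
</Server>"""

if __name__ == "__main__":
    for banner in ("Apache Tomcat/6.0.29", "Apache Tomcat/6.0.32",
                   "Apache Tomcat/7.0.6", "Apache Tomcat/7.0.10"):
        print(banner, "->", assess(banner, SAMPLE_SERVER_XML))
```

An affected version should be upgraded even when no NIO connector is found; the connector check only shows which listeners expose the flaw today.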
References
Severity
Classification
CVE: CVE-2011-0534
CVSS Base Score: 5.0
AV:N/AC:L/Au:N/C:N/I:N/A:P