Apache Tomcat Parameter Handling Denial Of Service Vulnerability (Win) Network Vulnerability

Summary

The host is running Apache Tomcat Server and is prone to denial of service vulnerability

Impact

Successful exploitation could allow remote attackers to cause a denial of service via a specially crafted request. Impact Level: Application.

Solution

Upgrade Apache Tomcat to 5.5.35, 6.0.34, 7.0.23 or later, For updates refer to http://tomcat.apache.org/

Insight

The flaw is due to improper handling of large numbers of parameters and parameter values, allows attackers to cause denial of service via a crafted request that contains many parameters and parameter values.

Affected

Apache Tomcat 5.5.x to 5.5.34, 6.x to 6.0.33 and 7.x to 7.0.22 on Windows.

References

http://tomcat.apache.org/security-5.html
http://tomcat.apache.org/security-6.html
http://tomcat.apache.org/security-7.html
http://www.securityfocus.com/bid/51447/info

Updated on 2015-03-25

Severity

Classification

CVE CVE-2012-0022

CVSS	Base Score: 5.0 AV:N/AC:L/Au:N/C:N/I:N/A:P

Related Vulnerabilities

Apache Tomcat Multiple Vulnerabilities January 2010
IBM WebSphere Application Server Admin Console Cross-site Scripting Vulnerability
IOServer Trailing Backslash Multiple Directory Traversal Vulnerabilities
CERN HTTPD access control bypass
IBM HTTP Server Multiple Cross Site Scripting Vulnerabilities

Apache Tomcat Parameter Handling Denial of Service Vulnerability (Win)

Take action and discover your vulnerabilities