Summary
Ubuntu Update for Linux kernel vulnerabilities USN-1359-1
Solution
Please Install the Updated Packages.
Insight
It was discovered that Tomcat incorrectly performed certain caching and recycling operations. A remote attacker could use this flaw to obtain read access to IP address and HTTP header information in certain cases. This issue only applied to Ubuntu 11.10. (CVE-2011-3375)
It was discovered that Tomcat computed hash values for form parameters without restricting the ability to trigger hash collisions predictably.
A remote attacker could cause a denial of service by sending many crafted parameters. (CVE-2011-4858)
It was discovered that Tomcat incorrectly handled parameters. A remote attacker could cause a denial of service by sending requests with a large number of parameters and values. (CVE-2012-0022)
Affected
tomcat6 on Ubuntu 11.04 ,
Ubuntu 10.10 ,
Ubuntu 10.04 LTS
Severity
Classification
-
CVE CVE-2011-3375, CVE-2011-4858, CVE-2012-0022 -
CVSS Base Score: 5.0
AV:N/AC:L/Au:N/C:P/I:N/A:N
Related Vulnerabilities