This site is deprecated. Please
CLICK HERE for latest updates
Short Name |
HTTP:DOS:APACHE-TOMCAT-CHUNKED
|
Severity |
Major
|
Recommended |
No
|
Recommended Action |
Drop
|
Category |
HTTP
|
Keywords |
Apache Tomcat Large Chunked Transfer Denial of Service
|
Release Date |
2015/06/12
|
Update Number |
2504
|
Supported Platforms |
idp-4.0+, isg-3.0+, j-series-9.5+, mx-11.4+, srx-12.1+, srx-branch-12.1+, vmx-17.4+, vsrx-12.1+, vsrx3bsd-18.2+
|
HTTP: Apache Tomcat Large Chunked Transfer Denial of Service
A denial of service vulnerability has been identified in Apache Tomcat as it processes Chunked-Transfer encoded requests. A successful attack can result in a denial-of-service condition.
Extended Description
Apache Tomcat 6.x before 6.0.37 and 7.x before 7.0.30 does not properly handle chunk extensions in chunked transfer coding, which allows remote attackers to cause a denial of service by streaming data.
Affected Products
- Apache tomcat 6.0
- Apache tomcat 6.0.0
- Apache tomcat 6.0.1
- Apache tomcat 6.0.10
- Apache tomcat 6.0.11
- Apache tomcat 6.0.12
- Apache tomcat 6.0.13
- Apache tomcat 6.0.14
- Apache tomcat 6.0.15
- Apache tomcat 6.0.16
- Apache tomcat 6.0.17
- Apache tomcat 6.0.18
- Apache tomcat 6.0.19
- Apache tomcat 6.0.2
- Apache tomcat 6.0.20
- Apache tomcat 6.0.24
- Apache tomcat 6.0.26
- Apache tomcat 6.0.27
- Apache tomcat 6.0.28
- Apache tomcat 6.0.29
- Apache tomcat 6.0.3
- Apache tomcat 6.0.30
- Apache tomcat 6.0.31
- Apache tomcat 6.0.32
- Apache tomcat 6.0.33
- Apache tomcat 6.0.35
- Apache tomcat 6.0.36
- Apache tomcat 6.0.4
- Apache tomcat 6.0.5
- Apache tomcat 6.0.6
- Apache tomcat 6.0.7
- Apache tomcat 6.0.8
- Apache tomcat 6.0.9
- Apache tomcat 7.0.0
- Apache tomcat 7.0.1
- Apache tomcat 7.0.10
- Apache tomcat 7.0.11
- Apache tomcat 7.0.12
- Apache tomcat 7.0.13
- Apache tomcat 7.0.14
- Apache tomcat 7.0.15
- Apache tomcat 7.0.16
- Apache tomcat 7.0.17
- Apache tomcat 7.0.18
- Apache tomcat 7.0.19
- Apache tomcat 7.0.2
- Apache tomcat 7.0.20
- Apache tomcat 7.0.21
- Apache tomcat 7.0.22
- Apache tomcat 7.0.23
- Apache tomcat 7.0.25
- Apache tomcat 7.0.28
- Apache tomcat 7.0.3
- Apache tomcat 7.0.4
- Apache tomcat 7.0.5
- Apache tomcat 7.0.6
- Apache tomcat 7.0.7
- Apache tomcat 7.0.8
- Apache tomcat 7.0.9
References