MDVSA-2012:085 -- Mandriva tomcat5ID: oval:org.secpod.oval:def:1300072 | Date: (C)2013-01-01 (M)2022-10-10 |
Class: PATCH | Family: unix |
A vulnerability has been discovered and corrected in tomcat5: Apache Tomcat 5.5.x before 5.5.35, 6.x before 6.0.34, and 7.x before 7.0.23 uses an inefficient approach for handling parameters, which allows remote attackers to cause a denial of service via a request that contains many parameters and parameter values, a different vulnerability than CVE-2011-4858 . The updated packages have been patched to correct this issue.
Platform: |
Mandriva Enterprise Server 5.2 |