Launchpad.net

CVE 2011-3375

Apache Tomcat 6.0.30 through 6.0.33 and 7.x before 7.0.22 does not properly perform certain caching and recycling operations involving request objects, which allows remote attackers to obtain unintended read access to IP address and HTTP header information in opportunistic circumstances by reading TCP data.

Related bugs and status

CVE-2011-3375 (Candidate) is related to these bugs:

Bug #909828: Tomcat needs update to prevent hash function DoS attack

		In	Importance	Status
909828	Tomcat needs update to prevent hash function DoS attack	tomcat6 (Ubuntu)	Undecided	Fix Released
909828	Tomcat needs update to prevent hash function DoS attack	tomcat6 (Ubuntu Lucid)	Medium	Fix Released
909828	Tomcat needs update to prevent hash function DoS attack	tomcat6 (Ubuntu Maverick)	Medium	Fix Released
909828	Tomcat needs update to prevent hash function DoS attack	tomcat6 (Ubuntu Oneiric)	Medium	Fix Released
909828	Tomcat needs update to prevent hash function DoS attack	tomcat6 (Ubuntu Natty)	Medium	Fix Released
909828	Tomcat needs update to prevent hash function DoS attack	tomcat6 (Ubuntu Precise)	Undecided	Fix Released

Bug #1115053: Multiple open vulnerabilities in tomcat7 in 12.04 and 11.10

		In	Importance	Status
1115053	Multiple open vulnerabilities in tomcat7 in 12.04 and 11.10	tomcat7 (Ubuntu)	Undecided	Fix Released
1115053	Multiple open vulnerabilities in tomcat7 in 12.04 and 11.10	tomcat7 (Ubuntu Oneiric)	Undecided	Fix Released
1115053	Multiple open vulnerabilities in tomcat7 in 12.04 and 11.10	tomcat7 (Ubuntu Precise)	Undecided	Fix Released
1115053	Multiple open vulnerabilities in tomcat7 in 12.04 and 11.10	tomcat7 (Ubuntu Raring)	Undecided	Fix Released
1115053	Multiple open vulnerabilities in tomcat7 in 12.04 and 11.10	tomcat7 (Ubuntu Quantal)	Undecided	Fix Released

See the

CVE page on Mitre.org for more details.

Launchpad.net

CVE 2011-3375

Related bugs and status

Related bugs

References