CVE 2012-0022
Apache Tomcat 5.5.x before 5.5.35, 6.x before 6.0.34, and 7.x before 7.0.23 uses an inefficient approach for handling parameters, which allows remote attackers to cause a denial of service (CPU consumption) via a request that contains many parameters and parameter values, a different vulnerability than CVE-2011-4858.
Related bugs and status
CVE-2012-0022 (Candidate) is related to these bugs:
Bug #909828: Tomcat needs update to prevent hash function DoS attack
Summary | In | Importance | Status | |||
---|---|---|---|---|---|---|
909828 | Tomcat needs update to prevent hash function DoS attack | tomcat6 (Ubuntu) | Undecided | Fix Released | ||
909828 | Tomcat needs update to prevent hash function DoS attack | tomcat6 (Ubuntu Lucid) | Medium | Fix Released | ||
909828 | Tomcat needs update to prevent hash function DoS attack | tomcat6 (Ubuntu Maverick) | Medium | Fix Released | ||
909828 | Tomcat needs update to prevent hash function DoS attack | tomcat6 (Ubuntu Oneiric) | Medium | Fix Released | ||
909828 | Tomcat needs update to prevent hash function DoS attack | tomcat6 (Ubuntu Natty) | Medium | Fix Released | ||
909828 | Tomcat needs update to prevent hash function DoS attack | tomcat6 (Ubuntu Precise) | Undecided | Fix Released |
Bug #921200: tomcat 6.0.35 in Lucid
Summary | In | Importance | Status | |||
---|---|---|---|---|---|---|
921200 | tomcat 6.0.35 in Lucid | tomcat6 (Ubuntu) | High | New |
Bug #1115053: Multiple open vulnerabilities in tomcat7 in 12.04 and 11.10
Summary | In | Importance | Status | |||
---|---|---|---|---|---|---|
1115053 | Multiple open vulnerabilities in tomcat7 in 12.04 and 11.10 | tomcat7 (Ubuntu) | Undecided | Fix Released | ||
1115053 | Multiple open vulnerabilities in tomcat7 in 12.04 and 11.10 | tomcat7 (Ubuntu Oneiric) | Undecided | Fix Released | ||
1115053 | Multiple open vulnerabilities in tomcat7 in 12.04 and 11.10 | tomcat7 (Ubuntu Precise) | Undecided | Fix Released | ||
1115053 | Multiple open vulnerabilities in tomcat7 in 12.04 and 11.10 | tomcat7 (Ubuntu Raring) | Undecided | Fix Released | ||
1115053 | Multiple open vulnerabilities in tomcat7 in 12.04 and 11.10 | tomcat7 (Ubuntu Quantal) | Undecided | Fix Released |
See the
CVE page on Mitre.org
for more details.