Schweregrad:: Mittel
  CVE Kennungen:: CVE-2012-2733
  Hinweisdatum: 21 Juli 2015

  Beschreibung

java/org/apache/coyote/http11/InternalNioInputBuffer.java in the HTTP NIO connector in Apache Tomcat 6.x before 6.0.36 and 7.x before 7.0.28 does not properly restrict the request-header size, which allows remote attackers to cause a denial of service (memory consumption) via a large amount of header data.

  Trend Micro Lösungen

Apply associated Trend Micro DPI Rules.

  Lösungen

  Trend Micro Deep Security DPI Rule Number: 1000131
  Trend Micro Deep Security DPI Rule Name: 1000131 - HTTP Header Length Restriction

  Betroffene Software und Version:

  • apache tomcat 6.0
  • apache tomcat 6.0.0
  • apache tomcat 6.0.1
  • apache tomcat 6.0.10
  • apache tomcat 6.0.11
  • apache tomcat 6.0.12
  • apache tomcat 6.0.13
  • apache tomcat 6.0.14
  • apache tomcat 6.0.15
  • apache tomcat 6.0.16
  • apache tomcat 6.0.17
  • apache tomcat 6.0.18
  • apache tomcat 6.0.19
  • apache tomcat 6.0.2
  • apache tomcat 6.0.20
  • apache tomcat 6.0.24
  • apache tomcat 6.0.26
  • apache tomcat 6.0.27
  • apache tomcat 6.0.28
  • apache tomcat 6.0.29
  • apache tomcat 6.0.3
  • apache tomcat 6.0.30
  • apache tomcat 6.0.31
  • apache tomcat 6.0.32
  • apache tomcat 6.0.33
  • apache tomcat 6.0.35
  • apache tomcat 6.0.4
  • apache tomcat 6.0.5
  • apache tomcat 6.0.6
  • apache tomcat 6.0.7
  • apache tomcat 6.0.8
  • apache tomcat 6.0.9
  • apache tomcat 7.0.0
  • apache tomcat 7.0.1
  • apache tomcat 7.0.10
  • apache tomcat 7.0.11
  • apache tomcat 7.0.12
  • apache tomcat 7.0.13
  • apache tomcat 7.0.14
  • apache tomcat 7.0.15
  • apache tomcat 7.0.16
  • apache tomcat 7.0.17
  • apache tomcat 7.0.18
  • apache tomcat 7.0.19
  • apache tomcat 7.0.2
  • apache tomcat 7.0.20
  • apache tomcat 7.0.21
  • apache tomcat 7.0.22
  • apache tomcat 7.0.23
  • apache tomcat 7.0.25
  • apache tomcat 7.0.3
  • apache tomcat 7.0.4
  • apache tomcat 7.0.5
  • apache tomcat 7.0.6
  • apache tomcat 7.0.7
  • apache tomcat 7.0.8
  • apache tomcat 7.0.9