[ MDVSA-2015:053 ] tomcat6

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

 _______________________________________________________________________

 Mandriva Linux Security Advisory                         MDVSA-2015:053
 http://www.mandriva.com/en/support/security/
 _______________________________________________________________________

 Package : tomcat6
 Date    : March 3, 2015
 Affected: Business Server 1.0
 _______________________________________________________________________

 Problem Description:

 Updated tomcat6 packages fix security vulnerabilities:
 
 Integer overflow in the parseChunkHeader function in
 java/org/apache/coyote/http11/filters/ChunkedInputFilter.java in
 Apache Tomcat before 6.0.40 and 7.x before 7.0.53 allows remote
 attackers to cause a denial of service (resource consumption) via a
 malformed chunk size in chunked transfer coding of a request during
 the streaming of data (CVE-2014-0075).
 
 java/org/apache/catalina/servlets/DefaultServlet.java in the default
 servlet in Apache Tomcat before 6.0.40 and

007 Software

[ MDVSA-2015:053 ] tomcat6

Leave a Reply Cancel reply

Software and Security Information