The host is running Apache Tomcat Server and is prone to denial of service vulnerability.
Successful exploitation could allow remote attackers to cause a denial of service via a specially crafted form sent in a HTTP POST request. Impact Level: Application.
Apply patch or upgrade Apache Tomcat to 5.5.35, 6.0.35, 7.0.23 or later, For updates refer to http://tomcat.apache.org/ ***** NOTE: Ignore this warning, if above mentioned patch is manually applied. *****
The flaw is due to an error within a hash generation function when computing hash values for form parameter and updating a hash table. This can be exploited to cause a hash collision resulting in high CPU consumption via a specially crafted form sent in a HTTP POST request.
Apache Tomcat version before 5.5.35, 6.x to 6.0.34 and 7.x to 7.0.22 on Windows.
- IBM WebSphere Application Server (WAS) Multiple Vulnerabilities 02 - March 2011
- IBM WebSphere Application Server (WAS) Security Bypass Vulnerability - March 2011
- Acritum Femitter Server HTTP Request Remote File Disclosure Vulnerability
- IBM WebSphere Application Server (WAS) XSS and CSRF Vulnerabilities
- Apache HTTP Server 'mod_proxy' Reverse Proxy Information Disclosure Vulnerability