Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 580
Alerts This Week
Warning Icon 1 580

Ubuntu 14.04/12.04 USN-3204-1 Moderate: Tomcat Resource Consumption

ubuntu
Calendar Grey February 20, 2017
Dist Ubuntu Esm H88
Apache HTTP Server issues on Debian may allow for excessive resource usage from malicious requests; ensure patches are applied.
Tomcat could be made to consume resources if it received specially crafted network traffic.

Summary

Tomcat could be made to consume resources if it received specially crafted

network traffic.

Software Description:

- tomcat7: Servlet and JSP engine

- tomcat6: Servlet and JSP engine

Details:

It was discovered that Tomcat incorrectly handled certain HTTP requests. A

remote attacker could possibly use this issue to cause Tomcat to consume

resources, resulting in a denial of service.

Update Instructions

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 14.04 LTS:
  libtomcat7-java                 7.0.52-1ubuntu0.10
  tomcat7                         7.0.52-1ubuntu0.10

Ubuntu 12.04 LTS:
  libtomcat6-java                 6.0.35-1ubuntu3.11
  tomcat6                         6.0.35-1ubuntu3.11

In general, a standard system update will make all the necessary changes.

References

https://ubuntu.com/security/notices/USN-3204-1

CVE-2017-6056

February 20, 2017

Package Information

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.