FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The last vuln.xml file processed by FreshPorts is:

Revision:  321338
Date:      2013-06-19
Time:      21:56:56Z
Committer: jgh

List all Vulnerabilities, by package

List all Vulnerabilities, by date

These are the vulnerabilities relating to the commit you have selected:

VuXML ID	Description
7f5ccb1d-439b-11e1-bc16-0023ae8e59f0	tomcat -- Denial of Service The Tomcat security team reports: Analysis of the recent hash collision vulnerability identified unrelated inefficiencies with Apache Tomcat's handling of large numbers of parameters and parameter values. These inefficiencies could allow an attacker, via a specially crafted request, to cause large amounts of CPU to be used which in turn could create a denial of service. The issue was addressed by modifying the Tomcat parameter handling code to efficiently process large numbers of parameters and parameter values. Discovery 2011-10-21 Entry 2012-01-17 tomcat gt 5.5.0 lt 5.5.35 tomcat gt 6.0.0 lt 6.0.34 tomcat gt 7.0.0 lt 7.0.23 CVE-2012-0022 http://tomcat.apache.org/security-5.html#Fixed_in_Apache_Tomcat_5.5.35 http://tomcat.apache.org/security-6.html#Fixed_in_Apache_Tomcat_6.0.34 http://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.23
7f5ccb1d-439b-11e1-bc16-0023ae8e59f0	tomcat -- Denial of Service The Tomcat security team reports: Analysis of the recent hash collision vulnerability identified unrelated inefficiencies with Apache Tomcat's handling of large numbers of parameters and parameter values. These inefficiencies could allow an attacker, via a specially crafted request, to cause large amounts of CPU to be used which in turn could create a denial of service. The issue was addressed by modifying the Tomcat parameter handling code to efficiently process large numbers of parameters and parameter values. Discovery 2011-10-21 Entry 2012-01-17 tomcat gt 5.5.0 lt 5.5.35 tomcat gt 6.0.0 lt 6.0.34 tomcat gt 7.0.0 lt 7.0.23 CVE-2012-0022 http://tomcat.apache.org/security-5.html#Fixed_in_Apache_Tomcat_5.5.35 http://tomcat.apache.org/security-6.html#Fixed_in_Apache_Tomcat_6.0.34 http://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.23

VuXML ID

Description

7f5ccb1d-439b-11e1-bc16-0023ae8e59f0

tomcat -- Denial of Service

The Tomcat security team reports:

Analysis of the recent hash collision vulnerability identified unrelated inefficiencies with Apache Tomcat's handling of large numbers of parameters and parameter values. These inefficiencies could allow an attacker, via a specially crafted request, to cause large amounts of CPU to be used which in turn could create a denial of service. The issue was addressed by modifying the Tomcat parameter handling code to efficiently process large numbers of parameters and parameter values.

Discovery 2011-10-21
Entry 2012-01-17
tomcat

gt 5.5.0 lt 5.5.35

tomcat

gt 6.0.0 lt 6.0.34

tomcat

gt 7.0.0 lt 7.0.23

CVE-2012-0022
http://tomcat.apache.org/security-5.html#Fixed_in_Apache_Tomcat_5.5.35
http://tomcat.apache.org/security-6.html#Fixed_in_Apache_Tomcat_6.0.34
http://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.23

7f5ccb1d-439b-11e1-bc16-0023ae8e59f0

tomcat -- Denial of Service

The Tomcat security team reports:

Analysis of the recent hash collision vulnerability identified unrelated inefficiencies with Apache Tomcat's handling of large numbers of parameters and parameter values. These inefficiencies could allow an attacker, via a specially crafted request, to cause large amounts of CPU to be used which in turn could create a denial of service. The issue was addressed by modifying the Tomcat parameter handling code to efficiently process large numbers of parameters and parameter values.

Discovery 2011-10-21
Entry 2012-01-17
tomcat

gt 5.5.0 lt 5.5.35

tomcat

gt 6.0.0 lt 6.0.34

tomcat

gt 7.0.0 lt 7.0.23