CVE-2012-5568

Impact:
Low
Public Date:
2009-06-17
Bugzilla:
880011: CVE-2012-5568 tomcat: Slowloris denial of service

The MITRE CVE dictionary describes this issue as:

Apache Tomcat through 7.0.x allows remote attackers to cause a denial of service (daemon outage) via partial HTTP requests, as demonstrated by Slowloris.

Find out more about CVE-2012-5568 from the MITRE CVE dictionary dictionary and NIST NVD.

Statement

This issue affects tomcat and jbossweb as shipped in various Red Hat products. This issue can be mitigated using appropriate firewall configuration, as noted here:

https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2007-6750

This issue can also be partially mitigated by configuring an appropriate timeout using the connectionTimeout property for the relevant Connector(s) defined in server.xml, but testing shows that some variants of the attack may still be effective with this configuration. The tomcat project has advised that although this flaw can affect tomcat, there is no good solution available, and the tomcat security team does not consider it a vulnerability in tomcat or plan to release a patch:

http://tomcat.apache.org/security-7.html#Not_a_vulnerability_in_Tomcat

CVSS v2 metrics

NOTE: The following CVSS v2 metrics and score provided are preliminary and subject to review.

Base Score 5
Base Metrics AV:N/AC:L/Au:N/C:N/I:N/A:P
Access Vector Network
Access Complexity Low
Authentication None
Confidentiality Impact None
Integrity Impact None
Availability Impact Partial

Find out more about Red Hat support for the Common Vulnerability Scoring System (CVSS).

Last Modified

CVE description copyright © 2017, The MITRE Corporation