You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@tomcat.apache.org by Stuart Moore <sm...@securityglobal.net> on 2003/03/24 22:44:16 UTC

elaboration on Tomcat 4.1.24 DoS?

Hi,

I run the SecurityTracker web site (http://securitytracker.com/), which is dedicated to reporting on
computer and network security vulnerabilities (and their fixes).  I read on the "news" page that
Tomcat 4.1.24 contains a fix for a denial of service issue:

>22 March 2003 - Tomcat 4.1.24 Stable Released
>
> [...] Among other bugfixes and improvements, Tomcat 4.1.24 includes a fix for a denial of
> service problem which can occur when Tomcat is run with SSL. 

I was unable to locate additional information on this. There are some potentially related issues in
Bugzilla, but I couldn't determine that for certain.  Can you provide some elaboration?  I am not
looking for exploit techniques, but I would like to make sure that we properly categorize this in
our database.

Thanks,

Stuart


-- 
Stuart Moore
SecurityTracker.com
SecurityGlobal.net LLC
smoore@securityglobal.net
+1 301 495 5930 voice
+1 413 691 4346 fax

---------------------------------------------------------------------
To unsubscribe, e-mail: tomcat-dev-unsubscribe@jakarta.apache.org
For additional commands, e-mail: tomcat-dev-help@jakarta.apache.org