Posted to users@tomcat.apache.org by Manohar Mikkili <mi...@gmail.com> on 2023/02/24 05:57:17 UTC
emulate slowloris DoS attack on apache-tomcat-9.0.71
I am trying to emulate the slowloris DoS attack on Tomcat v9.0.71.
Despite much deliberation, I failed to achieve this.
Since this CVE is a pretty old one (circa 2012), my guess is that the same
has been taken care of in the subsequent Tomcat releases. I could not find
any documented evidence that Google has presented so far.
Can someone from this august forum please advise/validate my presumptions
about this?
Thanks in advance,
Manohar.
Re: emulate slowloris DoS attack on apache-tomcat-9.0.71
Posted by Mark Thomas <ma...@apache.org>.
On 24/02/2023 05:57, Manohar Mikkili wrote:
> I am trying to emulate the slowloris DoS attack on Tomcat v9.0.71.
> Despite much deliberation, I failed to achieve this.
>
> Since this CVE is a pretty old one (circa 2012), my guess is that the same
> has been taken care of in the subsequent Tomcat releases. I could not find
> any documented evidence that Google has presented so far.
>
> Can someone from this august forum please advise/validate my presumptions
> about this?
This is CVE-2012-5568 (which should not have been allocated but that is
a different topic).
See:
https://tomcat.apache.org/security-7.html#Not_a_vulnerability_in_Tomcat
https://tomcat.apache.org/security-impact.html
Newer versions of Tomcat will be less susceptible to this attack since
they use non-blocking I/O.
That said, servers are always going to have a connection limit somewhere
and if an attacker can consume most/all of those connections with
traffic that appears to be legitimate, you are going to see a DoS.
Mark
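
The point about a shared connection limit, as an added monitoring example that is not part of the original thread and is not Tomcat code: it measures how much of a connection limit is held by connections that are old but have not yet delivered complete request headers. The Conn record, the thresholds and both snapshots are constructed assumptions.

```python
from collections import Counter
from dataclasses import dataclass

@dataclass
class Conn:
    client: str         # remote address
    age_s: float        # seconds since the connection was accepted
    headers_done: bool  # True once a complete request header block has arrived

def connection_pressure(conns, max_connections, stall_after_s=10.0, client_share=0.25):
    """Report how much of a shared connection limit is held by stalled connections.

    A connection counts as stalled when it is at least stall_after_s old and has
    still not delivered complete request headers. Both thresholds are assumptions.
    """
    stalled = Counter(c.client for c in conns
                      if not c.headers_done and c.age_s >= stall_after_s)
    # Flag a client only when it alone holds a large share of the limit.
    flagged = sorted(ip for ip, n in stalled.items()
                     if n >= client_share * max_connections)
    stalled_total = sum(stalled.values())
    return {
        "open": len(conns),
        "stalled": stalled_total,
        "stalled_share": stalled_total / max_connections,
        "flagged_clients": flagged,
    }

# Constructed snapshot 1: one client holds 12 of 20 slots with incomplete requests.
SINGLE_SOURCE = (
    [Conn("198.51.100.7", 45.0, False)] * 12
    + [Conn("203.0.113.10", 2.0, True)] * 2
    + [Conn("203.0.113.11", 0.3, False)]  # young in-flight request, not stalled
)
# Constructed snapshot 2: the same 12 stalled slots, one per client.
MANY_SOURCES = [Conn(f"192.0.2.{i}", 45.0, False) for i in range(1, 13)]

if __name__ == "__main__":
    for name, snap in (("single", SINGLE_SOURCE), ("many", MANY_SOURCES)):
        print(name, connection_pressure(snap, max_connections=20))
```

In the second snapshot no single client is flagged although the stalled share is the same, so the aggregate stalled share against the limit is the figure to alert on.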