tomcat -- Denial of Service
The Tomcat security team reports:
Analysis of the recent hash collision vulnerability identified
unrelated inefficiencies with Apache Tomcat's handling of large
numbers of parameters and parameter values. These inefficiencies
could allow an attacker, via a specially crafted request, to
cause large amounts of CPU to be used which in turn could create
a denial of service. The issue was addressed by modifying the
Tomcat parameter handling code to efficiently process large
numbers of parameters and parameter values.
Copyright © 2003-2005 Jacques Vidrine and contributors.
Please see the source of this document for full copyright