Apache Tomcat 4.x < 4.1.3 Denial of Service
Medium Nessus Plugin ID 49702
SynopsisThe remote Apache Tomcat server is affected by a denial of service vulnerability.
DescriptionAccording to its self-reported version number, the instance of Apache Tomcat 4.x listening on the remote host is prior to 4.1.3. It is, therefore, affected by a denial of service vulnerability.
A malicious HTTP request can cause a request processing thread to become unresponsive. Further requests of this type can cause all request processing threads to become unresponsive.
Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.
SolutionUpgrade to Apache Tomcat version 4.1.3 or later.