Mandriva Linux Security Advisory : tomcat5 (MDVSA-2012:085)
Medium Nessus Plugin ID 59315
SynopsisThe remote Mandriva Linux host is missing one or more security updates.
DescriptionA vulnerability has been discovered and corrected in tomcat5 :
Apache Tomcat 5.5.x before 5.5.35, 6.x before 6.0.34, and 7.x before 7.0.23 uses an inefficient approach for handling parameters, which allows remote attackers to cause a denial of service (CPU consumption) via a request that contains many parameters and parameter values, a different vulnerability than CVE-2011-4858 (CVE-2012-0022).
The updated packages have been patched to correct this issue.
SolutionUpdate the affected packages.