F5 Networks BIG-IP : Apache Tomcat vulnerability (SOL15426)
Medium Nessus Plugin ID 78185
SynopsisThe remote device is missing a vendor-supplied security patch.
DescriptionInteger overflow in the parseChunkHeader function in java/org/apache/coyote/http11/filters/ChunkedInputFilter.java in Apache Tomcat before 6.0.40, 7.x before 7.0.53, and 8.x before 8.0.4 allows remote attackers to cause a denial of service (resource consumption) via a malformed chunk size in chunked transfer coding of a request during the streaming of data.
SolutionUpgrade to one of the non-vulnerable versions listed in the F5 Solution SOL15426.