oss-sec mailing list archives

Previous By Date Next
Previous By Thread Next

Re: CVE Request: slowloris for tomcat

From: Kurt Seifried <kseifried () redhat com>
Date: Sun, 25 Nov 2012 17:52:19 -0700
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On 11/25/2012 05:10 PM, David Jorm wrote:

The old slowloris attack has CVE IDs for various affected
platforms, but not for tomcat. My testing has shown that tomcat is
indeed affected, and others [0] [1] back this up. Could we please
get a CVE ID assigned for slowloris as it affects tomcat?

Thanks



Please use CVE-2012-5568 for this issue.

- -- 
Kurt Seifried Red Hat Security Response Team (SRT)
PGP: 0x5E267993 A90B F995 7350 148F 66BF 7554 160D 4553 5E26 7993

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)

iQIcBAEBAgAGBQJQsr0/AAoJEBYNRVNeJnmTMCQQAIPCAox82g0duJMP8iQonC6J
5c5BrzhlNCMlSkVx+UsDsf5D3epNO6NZ+NNjapry0JBF+UkgB6L+KmE/RirmAosd
ppgXZKqeoYJxjhhaq02STlJGyQa4dEOKS5+uUz7gurhzlkHPRw1lLbStVir3CQVK
Tcw9eiB485J/yEFeMCEyZjYB8o16V+kATUHKp0Uft78tjxkfjwr2Gleccbrx54pv
Wh8e2YH0CHL5buHwvVHTg0kvgIC/TyYBcqZQMihVpRf13K06bdj3wldDe107QoBN
A2UnncLxNWuPBfUD9fRutabG45fJJmZYV2kC221YJIF33/24BYixbrg6f2Vm6BaZ
4Uxf8Xh+Riw1bjUEZdjV/VbSvk53KMC6SOFQneYeXZqR+zKRjLVOBTuTzKp1uH6T
/403tlABGSnGosntMfY8DN0QfJzScPkiap2zb3kvKyAGNitaOTtqiE2pVfelEI2c
vEmx4HMLvMAUJ+i6E90aXIgBFfvyu50Mzmh5C1mXpPr2QtZpUEzalRLszpkyASSO
VXBDXj4ZrB5y8th0MxTmQqoIIsoaPLq1RV+Ye6H3GIzyf2bHqAqhmbaGiyx5Co7m
Qw9p5wN7F0Av4e32w/z8DiRaAcqyZ/3D19jV0PUIacvnwV4iy8CddmC44CLMpH/S
rnre/Q8jk/oESSX0ORzo
=J0kT
-----END PGP SIGNATURE-----
Previous By Date Next
Previous By Thread Next

Current thread: