Apache Tomcat Remote Denial of Service Vulnerability (CVE-2014-0186)
Release date:
Updated on:
Affected Systems:
Apache Group Tomcat 7.x
Description:
--------------------------------------------------------------------------------
Bugtraq id: 68072
CVE (CAN) ID: CVE-2014-0186
Apache Tomcat is a popular open-source JSP application server program.
Apache Tomcat 7.0.42-4. el7 build and other versions have the Remote Denial of Service Vulnerability. Remote attackers can exploit this vulnerability to exhaust CPU resources on the Tomcat server by sending specially crafted requests to the affected server.
Deploy Solr 4 on Ubuntu 12.04 LTS through Tomcat
Deploy Solr (4.4) to Tomcat (7.0.53) in Ubuntu)
Load Balancing between Apache and multiple Tomcat clusters in Linux
Nginx Tomcat Cluster load balancing solution notes
Instance details Tomcat component installation + Nginx reverse proxy Tomcat + Apache use mod_jk and mod_proxy Reverse Proxy and load balancing
Build an Apache + Tomcat environment (JK deployment process)
<* Source: Red Hat
Link: https://rhn.redhat.com/errata/RHSA-2014-0686.html
*>
Suggestion:
--------------------------------------------------------------------------------
Vendor patch:
Apache Group
------------
The vendor has released a patch to fix this security problem. Please download it from the vendor's homepage:
Http://jakarta.apache.org/tomcat/index.html
Tomcat details: click here
Tomcat: click here
This article permanently updates the link address: