Apache Tomcat Remote Denial of Service Vulnerability (CVE-2014-0186)

Apache Tomcat Remote Denial of Service Vulnerability (CVE-2014-0186)

Release date:
Updated on:

Affected Systems:
Apache Group Tomcat 7.x
Description:
--------------------------------------------------------------------------------
Bugtraq id: 68072
CVE (CAN) ID: CVE-2014-0186
 
Apache Tomcat is a popular open-source JSP application server program.
 
Apache Tomcat 7.0.42-4. el7 build and other versions have the Remote Denial of Service Vulnerability. Remote attackers can exploit this vulnerability to exhaust CPU resources on the Tomcat server by sending specially crafted requests to the affected server.

Deploy Solr 4 on Ubuntu 12.04 LTS through Tomcat

Deploy Solr (4.4) to Tomcat (7.0.53) in Ubuntu)

Load Balancing between Apache and multiple Tomcat clusters in Linux

Nginx Tomcat Cluster load balancing solution notes

Instance details Tomcat component installation + Nginx reverse proxy Tomcat + Apache use mod_jk and mod_proxy Reverse Proxy and load balancing

Build an Apache + Tomcat environment (JK deployment process)
 
<* Source: Red Hat

Link: https://rhn.redhat.com/errata/RHSA-2014-0686.html
*>

Suggestion:
--------------------------------------------------------------------------------
Vendor patch:
 
Apache Group
------------
The vendor has released a patch to fix this security problem. Please download it from the vendor's homepage:
 
Http://jakarta.apache.org/tomcat/index.html

Tomcat details: click here
Tomcat: click here

This article permanently updates the link address: