Executive Summary

Informations
NameCVE-2012-5568First vendor Publication2012-11-30
VendorCveLast vendor Modification2017-08-28

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:L/Au:N/C:N/I:N/A:P)
Cvss Base Score5Attack RangeNetwork
Cvss Impact Score2.9Attack ComplexityLow
Cvss Expoit Score10AuthenticationNone Required
Calculate full CVSS 2.0 Vectors scores

Detail

Apache Tomcat through 7.0.x allows remote attackers to cause a denial of service (daemon outage) via partial HTTP requests, as demonstrated by Slowloris.

Original Source

Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5568

CWE : Common Weakness Enumeration

%idName
100 %CWE-16Configuration

CPE : Common Platform Enumeration

TypeDescriptionCount
Application235

OpenVAS Exploits

DateDescription
2012-12-05Name : Apache Tomcat Partial HTTP Requests DoS Vulnerability (Windows)
File : nvt/gb_apache_tomcat_partial_http_req_dos_vuln_win.nasl

Information Assurance Vulnerability Management (IAVM)

DateDescription
2013-11-21IAVM : 2013-A-0219 - Multiple Vulnerabilities in Juniper Networks and Security Manager
Severity : Category I - VMSKEY : V0042384

Snort® IPS/IDS

DateDescription
2014-01-10PyLoris http DoS tool
RuleID : 28532 - Revision : 3 - Type : MALWARE-TOOLS

Nessus® Vulnerability Scanner

DateDescription
2014-06-13Name : The remote openSUSE host is missing a security update.
File : openSUSE-2012-883.nasl - Type : ACT_GATHER_INFO
2014-06-13Name : The remote openSUSE host is missing a security update.
File : openSUSE-2012-884.nasl - Type : ACT_GATHER_INFO
2013-11-21Name : The remote host is affected by multiple vulnerabilities.
File : juniper_nsm_2012_2_r5.nasl - Type : ACT_GATHER_INFO
2013-02-04Name : The remote SuSE 10 host is missing a security-related patch.
File : suse_tomcat5-8397.nasl - Type : ACT_GATHER_INFO
2013-02-04Name : The remote SuSE 11 host is missing one or more security updates.
File : suse_11_tomcat6-130107.nasl - Type : ACT_GATHER_INFO

Sources (Detail)

SourceUrl
BID http://www.securityfocus.com/bid/56686
CONFIRM https://bugzilla.redhat.com/show_bug.cgi?id=880011
MISC http://captainholly.wordpress.com/2009/06/19/slowloris-vs-tomcat/
MLIST http://openwall.com/lists/oss-security/2012/11/26/2
http://tomcat.10.n6.nabble.com/How-does-Tomcat-handle-a-slow-HTTP-DoS-tc21477...
http://tomcat.10.n6.nabble.com/How-does-Tomcat-handle-a-slow-HTTP-DoS-tc21477...
SUSE http://lists.opensuse.org/opensuse-updates/2012-12/msg00089.html
http://lists.opensuse.org/opensuse-updates/2012-12/msg00090.html
http://lists.opensuse.org/opensuse-updates/2013-01/msg00037.html
XF https://exchange.xforce.ibmcloud.com/vulnerabilities/80317

Alert History

If you want to see full details history, please login or register.
0
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
DateInformations
2017-08-29 09:24:08
  • Multiple Updates
2017-04-22 12:01:29
  • Multiple Updates
2017-03-30 12:03:57
  • Multiple Updates
2016-10-15 01:01:06
  • Multiple Updates
2016-10-06 12:01:53
  • Multiple Updates
2016-04-26 22:29:48
  • Multiple Updates
2014-06-14 13:33:57
  • Multiple Updates
2014-02-17 11:14:22
  • Multiple Updates
2014-01-19 21:28:57
  • Multiple Updates
2013-11-25 17:21:14
  • Multiple Updates
2013-05-10 22:49:46
  • Multiple Updates
2013-03-07 13:19:56
  • Multiple Updates
2013-02-26 13:18:59
  • Multiple Updates
2013-02-14 13:25:06
  • Multiple Updates
2013-02-08 13:20:11
  • Multiple Updates
2013-02-01 13:20:45
  • Multiple Updates
2012-12-03 21:20:47
  • Multiple Updates
2012-12-01 00:22:52
  • First insertion