Apache Tomcat NIO HTTP Connector Denial of Service Vulnerability
CVE-2011-0534 · MEDIUM Severity
AV:N/AC:L/AU:N/C:N/I:N/A:P
Apache Tomcat 7.0.0 through 7.0.6 and 6.0.0 through 6.0.30 does not enforce the maxHttpHeaderSize limit for requests involving the NIO HTTP connector, which allows remote attackers to cause a denial of service (OutOfMemoryError) via a crafted request.
Learn more about our Cis Benchmark Audit For Apache Tomcat.