Denial of Service Vulnerability in Apache Tomcat NIO Connector

Denial of Service Vulnerability in Apache Tomcat NIO Connector

CVE-2012-4534 · LOW Severity

AV:N/AC:H/AU:N/C:N/I:N/A:P

org/apache/tomcat/util/net/NioEndpoint.java in Apache Tomcat 6.x before 6.0.36 and 7.x before 7.0.28, when the NIO connector is used in conjunction with sendfile and HTTPS, allows remote attackers to cause a denial of service (infinite loop) by terminating the connection during the reading of a response.

Learn more about our Cis Benchmark Audit For Apache Http Server.