Apache Tomcat is a widely used Web server for hosting applications developed with the Java Servlet and the JavaServer Pages (JSP) technologies are at risk due to denial-of-service issue. Recently, Security researchers published a proof-of-concept exploit for vulnerability that allows attackers to launch denial-of-service attacks against websites hosted on Apache Tomcat servers. The new denial-of-service vulnerability is located in Apache Commons FileUpload, a stand-alone library that developers can use to add file upload capability to their Java Web-based applications. This library is also included by default in Apache Tomcat versions 7 and 8 in order to support the processing of mime-multipart requests. The multipart content type is used when an HTTP request needs to include different sets of data in its body. <more>

Leave a Reply

Your email address will not be published. Required fields are marked *