Date: Sun, 25 Nov 2012 19:10:47 -0500 (EST) From: David Jorm <djorm@...hat.com> To: "oss-security " <oss-security@...ts.openwall.com> Subject: CVE Request: slowloris for tomcat The old slowloris attack has CVE IDs for various affected platforms, but not for tomcat. My testing has shown that tomcat is indeed affected, and others   back this up. Could we please get a CVE ID assigned for slowloris as it affects tomcat? Thanks -- David Jorm / Red Hat Security Response Team  http://tomcat.10.n6.nabble.com/How-does-Tomcat-handle-a-slow-HTTP-DoS-td2147776.html  http://captainholly.wordpress.com/2009/06/19/slowloris-vs-tomcat/
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.