CVE-2012-5568

Upstream information

CVE-2012-5568 at MITRE

Description

Apache Tomcat through 7.0.x allows remote attackers to cause a denial of service (daemon outage) via partial HTTP requests, as demonstrated by Slowloris.

---

SUSE information

Overall state of this security issue: Resolved

This issue is currently rated as having moderate severity.

CVSS v2 Scores

	National Vulnerability Database
Base Score	5
Vector	AV:N/AC:L/Au:N/C:N/I:N/A:P
Access Vector	Network
Access Complexity	Low
Authentication	None
Confidentiality Impact	None
Integrity Impact	None
Availability Impact	Partial

SUSE Bugzilla entries: 791426 [RESOLVED / FIXED], 791679 [RESOLVED / FIXED]

SUSE Security Advisories:

• SUSE-SU-2013:0226-1, published Fri Feb 1 09:04:21 MST 2013
• TID3426981, published Sa 3. Mär 12:01:58 CET 2018
• openSUSE-SU-2012:1700-1, published Thu, 27 Dec 2012 17:08:34 +0100 (CET)
• openSUSE-SU-2012:1701-1, published Thu, 27 Dec 2012 17:09:46 +0100 (CET)
• openSUSE-SU-2013:0147-1, published Wed, 23 Jan 2013 14:05:42 +0100 (CET)

List of released packages

Product(s)	Fixed package version(s)	References
SUSE Linux Enterprise Server 11 SP2 SUSE Linux Enterprise Server for SAP Applications 11 SP2	tomcat6 >= 6.0.18-20.35.40.1 tomcat6-admin-webapps >= 6.0.18-20.35.40.1 tomcat6-docs-webapp >= 6.0.18-20.35.40.1 tomcat6-javadoc >= 6.0.18-20.35.40.1 tomcat6-jsp-2_1-api >= 6.0.18-20.35.40.1 tomcat6-lib >= 6.0.18-20.35.40.1 tomcat6-servlet-2_5-api >= 6.0.18-20.35.40.1 tomcat6-webapps >= 6.0.18-20.35.40.1	Patchnames: slessp2-tomcat6
SUSE Linux Enterprise Server 11 SP3	tomcat6 >= 6.0.18-20.35.40.1 tomcat6-admin-webapps >= 6.0.18-20.35.40.1 tomcat6-docs-webapp >= 6.0.18-20.35.40.1 tomcat6-javadoc >= 6.0.18-20.35.40.1 tomcat6-jsp-2_1-api >= 6.0.18-20.35.40.1 tomcat6-lib >= 6.0.18-20.35.40.1 tomcat6-servlet-2_5-api >= 6.0.18-20.35.40.1 tomcat6-webapps >= 6.0.18-20.35.40.1	Patchnames: SUSE Linux Enterprise Server 11 SP3 GA tomcat6-6.0.18-20.35.40.1
SUSE Linux Enterprise Server 11 SP4	tomcat6 >= 6.0.41-0.43.1 tomcat6-admin-webapps >= 6.0.41-0.43.1 tomcat6-docs-webapp >= 6.0.41-0.43.1 tomcat6-javadoc >= 6.0.41-0.43.1 tomcat6-jsp-2_1-api >= 6.0.41-0.43.1 tomcat6-lib >= 6.0.41-0.43.1 tomcat6-servlet-2_5-api >= 6.0.41-0.43.1 tomcat6-webapps >= 6.0.41-0.43.1	Patchnames: SUSE Linux Enterprise Server 11 SP4 GA tomcat6-6.0.41-0.43.1

---

SUSE Timeline for this CVE

CVE page created: Thu Jul 17 17:20:00 2014
CVE page last modified: Mon Dec 12 17:44:19 2022