Tomcat hangs 2004-02-12 - By Shapira, Yoav
Back
Howdy,
Have you tried this with a more recent tomcat version?
Yoav Shapira
Millennium ChemInformatics
>-- --Original Message-- --
>From: Chris Rolfe [mailto:spamproof@(protected)]
>Sent: Thursday, February 12, 2004 2:01 PM
>To: Tomcat
>Subject: Re: Tomcat hangs
>
>Hello,
>
>I posted a query last week about Tomcat 4.0.6 under OS X hanging, but
>haven't seen any response (was: SocketInputStream hanging Tomcat
4.0.6).
>
>Is there anything more I can do ( more information I can provide, for
>example ) to illicit feedback from the list or the developer of the
code
>section?
>
>This appears to be a vulnerability in Tomcat 4.0.6 - 4.1.x.
>
>-- ---- ---- ----
>The problem:
>
>Stage 1: According to the catalina log, SocketInputStream.readHeader is
>throwing ArrayIndexOutOfBounds exceptions at line 487.
>
>Stage 2: Successive throws eventually cause Tomcat to respond to all
>requests with error 400: bad request.
>
>The original http requests stemmed from one IP range, whose access I've
>since disabled. I'm very concerned that a single user was able to bring
>down
>the server.
>
>Does anyone have a feel for what's happening here?
>
>Chris
>
>
>-- ---- ---- ---- ---- ---- ---- ---- ---- ---- ---- ---- ---- ------
>To unsubscribe, e-mail: tomcat-user-unsubscribe@(protected)
>For additional commands, e-mail: tomcat-user-help@(protected)
This e-mail, including any attachments, is a confidential business
communication, and may contain information that is confidential, proprietary
and/or privileged. This e-mail is intended only for the individual(s) to whom
it is addressed, and may not be saved, copied, printed, disclosed or used by
anyone else. If you are not the(an) intended recipient, please immediately
delete this e-mail from your computer system and notify the sender. Thank you.
-- ---- ---- ---- ---- ---- ---- ---- ---- ---- ---- ---- ---- ------
To unsubscribe, e-mail: tomcat-user-unsubscribe@(protected)
For additional commands, e-mail: tomcat-user-help@(protected)
|
|
