Computer Security
[EN] no-pyccku

Descriptionhttp/conn/ssl/ in Apache HttpComponents HttpClient before 4.3.6 ignores the http.socket.timeout configuration setting during an SSL handshake, which allows remote attackers to cause a denial of service (HTTPS call hang) via unspecified vectors.
PhaseAssigned (01.07.2015)
ReferencesSECTRACK : 1033743
 FEDORA : FEDORA-2015-15588
 FEDORA : FEDORA-2015-15589
 FEDORA : FEDORA-2015-15590
 UBUNTU : USN-2769-1
SecurityVulns:Apache Commons HttpClient DoS
About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod