Computer Security
[EN] securityvulns.ru no-pyccku


Apache Commons HttpClient DoS
Published:25.10.2015
Source:
SecurityVulns ID:14740
Type:library
Threat Level:
5/10
Description:No timeout on handshake.
Affected:APACHE : commons-httpclient 3.1
CVE:CVE-2015-5262 (http/conn/ssl/SSLConnectionSocketFactory.java in Apache HttpComponents HttpClient before 4.3.6 ignores the http.socket.timeout configuration setting during an SSL handshake, which allows remote attackers to cause a denial of service (HTTPS call hang) via unspecified vectors.)
Original documentdocumentUBUNTU, [USN-2769-1] Apache Commons HttpClient (25.10.2015)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod