HTTP Server Prone To Slow Denial Of Service Attack(CVE-2007-6750 CVE-2012-5568)

A few third-party vulnerability scanning tools have reported that OpManager is affected by the
slow HTTP denial-of-service issue tracked as CVE-2007-6750 and CVE-2012-5568.

The Tomcat developers have stated that this is not a vulnerability in Tomcat and that they have no plans to fix it.
Please refer to the link below.

http://tomcat.apache.org/security-7.html#Not_a_vulnerability_in_Tomcat

Low: Denial Of Service CVE-2012-5568

Sending an HTTP request 1 byte at a time will consume a thread from the connection pool until the request has been fully processed if using the BIO or APR/native HTTP connectors. Multiple requests may be used to consume all threads in the connection pool thereby creating a denial of service.

Since the relationship between the client side resources and server side resources is a linear one, this issue is not something that the Tomcat Security Team views as a vulnerability.

This is a generic DoS problem and there is no magic solution. This issue has been discussed several times on the Tomcat mailing lists. The best place to start to review these discussions is the report for bug 54236.


OpManager users need to be concerned about this DoS issue only when OpManager is hosted externally (exposed to the internet). Since OpManager is mostly deployed internally, the impact of this DoS attack on OpManager would be nil or negligible. Even where it is exposed externally, the user can configure firewall policies to mitigate the attack, as described in the link below.

http://security.stackexchange.com/questions/42618/how-to-protect-tomcat-7-against-slowloris-attack
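As an added illustration (not code from this article or from OpManager), the following Python script takes the defender's view of the issue described above: it counts established connections per peer IP from `ss -tn` style output, shows how the BIO connector's one-thread-per-connection model turns that count into thread-pool usage, and produces an iptables connlimit rule of the kind a firewall policy would use. Port 8080, the per-IP limit of 3 and maxThreads=200 are assumptions; the connection listing is constructed sample data.

```python
from collections import Counter

# Constructed sample in the shape of `ss -tn state established` output; not real data.
SAMPLE_SS_OUTPUT = """\
Recv-Q Send-Q Local Address:Port     Peer Address:Port
0      0      10.0.0.5:8080          198.51.100.7:51000
0      0      10.0.0.5:8080          198.51.100.7:51001
0      0      10.0.0.5:8080          198.51.100.7:51002
0      0      10.0.0.5:8080          198.51.100.7:51003
0      0      10.0.0.5:8080          198.51.100.7:51004
0      0      10.0.0.5:8080          203.0.113.9:40210
0      0      10.0.0.5:8080          203.0.113.9:40211
0      0      10.0.0.5:22            203.0.113.9:40300
"""

def connections_per_peer(ss_output, local_port):
    """Count ESTABLISHED connections to local_port, keyed by peer IP.
    Assumes the 4-column `ss -tn` layout shown in the sample (port 8080 is an assumption)."""
    counts = Counter()
    for line in ss_output.splitlines()[1:]:          # skip the header row
        fields = line.split()
        if len(fields) < 4:
            continue
        local, peer = fields[2], fields[3]
        if local.rsplit(":", 1)[1] != str(local_port):
            continue                                  # connection to some other service
        counts[peer.rsplit(":", 1)[0]] += 1
    return counts

def pool_usage(counts, max_threads):
    """With the BIO connector every open connection pins one worker thread for as long
    as the request trickles in, so pool usage grows linearly with the connection count."""
    return sum(counts.values()) / max_threads

def flag_peers(counts, per_ip_limit):
    """Peers holding more simultaneous connections than a normal client would keep open."""
    return sorted(ip for ip, n in counts.items() if n > per_ip_limit)

def connlimit_rule(local_port, per_ip_limit):
    """iptables rule capping concurrent connections per source IP (one form of the
    firewall mitigation the article refers to); the limit value is an assumption."""
    return (f"iptables -A INPUT -p tcp --dport {local_port} -m connlimit "
            f"--connlimit-above {per_ip_limit} --connlimit-mask 32 "
            f"-j REJECT --reject-with tcp-reset")

if __name__ == "__main__":
    counts = connections_per_peer(SAMPLE_SS_OUTPUT, 8080)
    print(f"worker-thread pool usage: {pool_usage(counts, 200):.1%}")
    print("peers over limit:", flag_peers(counts, 3))
    print(connlimit_rule(8080, 3))
```

Run it against real `ss -tn state established` output piped into the parser to see which peers are holding the connector's threads; the connlimit rule is only a blunt per-source cap and does not help against a distributed source set.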

