COMMAND

	Apache Tomcat Denial of Service

SYSTEMS AFFECTED

	Apache Tomcat 4.0.3 on Windows 2000 Server

PROBLEM

	In advisory of Peter Gründl from KPMG Danemark :
	

	By sending a large amount of null characters to the web  service  it  is
	possible to cause a working thread to  hang.  The  default  installation
	has 75 working threads, which means this malformed  request  has  to  be
	sent to the server 75 times.

SOLUTION

	Upgrade to V4.1.3 beta, which is available here :
	

	http://jakarta.apache.org/builds/jakarta-tomcat-4.0/release/v4.1.3-beta/