|
Aldrin Martoq has discovered a denial of service (DoS) vulnerability in Apache Tomcat 4.0.x. Sending several non-HTTP requests to Tomcat's HTTP connector makes Tomcat reject further requests on this port until it is restarted.
For the current stable distribution (woody) this problem has been fixed in version 4.0.3-3woody3.
For the unstable distribution (sid) this problem does not exist in the current version 4.1.24-2.
We recommend that you upgrade your tomcat4 packages and restart the tomcat server.
MD5 checksums of the listed files are available in the original advisory.