AvalancheMC, AvalancheSE, and Avalanche running Tomcat Server
- Common Vulnerabilities & Exposures (CVE) CVE-2007-6750 CVE-2009-5111
The issue affects Tomcat servers also, but no patch is available for Tomcat as the Tomcat security team does not consider this as a vulnerability.
More information here: http://tomcat.apache.org/security-7.html#Not_a_vulnerability_in_Tomcat
- Set appropriate timeout values in the connectionTimeout property for the relevant Connector(s) defined in server.xml,
Further information here: https://bugzilla.redhat.com/show_bug.cgi?id=880011