{"document":{"aggregate_severity":{"namespace":"https://www.suse.com/support/security/rating/","text":"moderate"},"category":"csaf_vex","csaf_version":"2.0","distribution":{"text":"Copyright 2024 SUSE LLC. All rights reserved.","tlp":{"label":"WHITE","url":"https://www.first.org/tlp/"}},"lang":"en","notes":[{"category":"summary","text":"SUSE CVE-2007-6286","title":"Title"},{"category":"description","text":"Apache Tomcat 5.5.11 through 5.5.25 and 6.0.0 through 6.0.15, when the native APR connector is used, does not properly handle an empty request to the SSL port, which allows remote attackers to trigger handling of \"a duplicate copy of one of the recent requests,\" as demonstrated by using netcat to send the empty request.","title":"Description of the CVE"},{"category":"legal_disclaimer","text":"CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).","title":"Terms of use"}],"publisher":{"category":"vendor","contact_details":"https://www.suse.com/support/security/contact/","name":"SUSE Product Security Team","namespace":"https://www.suse.com/"},"references":[{"category":"external","summary":"CVE-2007-6286","url":"https://www.suse.com/security/cve/CVE-2007-6286"},{"category":"external","summary":"SUSE Security Ratings","url":"https://www.suse.com/support/security/rating/"},{"category":"external","summary":"SUSE Bug 360503 for CVE-2007-6286","url":"https://bugzilla.suse.com/360503"},{"category":"external","summary":"SUSE Bug 427726 for CVE-2007-6286","url":"https://bugzilla.suse.com/427726"},{"category":"external","summary":"Advisory link for SUSE-SR:2009:004","url":"https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/BPPEFMFC7GCUUZ5CIPX7VFYKXZCRGT5N/#BPPEFMFC7GCUUZ5CIPX7VFYKXZCRGT5N"}],"title":"SUSE CVE CVE-2007-6286","tracking":{"current_release_date":"2023-12-09T03:39:43Z","generator":{"date":"2023-02-15T06:09:57Z","engine":{"name":"cve-database.git:bin/generate-csaf-vex.pl","version":"1"}},"id":"CVE-2007-6286","initial_release_date":"2023-02-15T06:09:57Z","revision_history":[{"date":"2023-02-15T06:09:57Z","number":"2","summary":"Current version"},{"date":"2023-12-08T05:17:37Z","number":"3","summary":"Current version"},{"date":"2023-12-09T03:39:43Z","number":"4","summary":"Current version"}],"status":"interim","version":"4"}}}