HTTPS NIO Connector is vulnerable to Denial Of Service (DoS) attacks. The component Socket Handler
’s functionality is affected by opening a socket and not sending an SSL handshake which results in a read-timeout vulnerability.
rhn.redhat.com/errata/RHSA-2016-0595.html
rhn.redhat.com/errata/RHSA-2016-0595.html
rhn.redhat.com/errata/RHSA-2016-0596.html
rhn.redhat.com/errata/RHSA-2016-0596.html
rhn.redhat.com/errata/RHSA-2016-0597.html
rhn.redhat.com/errata/RHSA-2016-0597.html
rhn.redhat.com/errata/RHSA-2016-0598.html
rhn.redhat.com/errata/RHSA-2016-0598.html
rhn.redhat.com/errata/RHSA-2016-0599.html
rhn.redhat.com/errata/RHSA-2016-0599.html
access.redhat.com/documentation/en/jboss-enterprise-application-platform/
access.redhat.com/security/updates/classification/#moderate
bugzilla.redhat.com/show_bug.cgi?id=1291760
bugzilla.redhat.com/show_bug.cgi?id=1295463
bugzilla.redhat.com/show_bug.cgi?id=1299560
bugzilla.redhat.com/show_bug.cgi?id=1299904
bugzilla.redhat.com/show_bug.cgi?id=1302405
bugzilla.redhat.com/show_bug.cgi?id=1304475
bugzilla.redhat.com/show_bug.cgi?id=1308465
bugzilla.redhat.com/show_bug.cgi?id=1308465
bugzilla.redhat.com/show_bug.cgi?id=1310701
bugzilla.redhat.com/show_bug.cgi?id=1311624
bugzilla.redhat.com/show_bug.cgi?id=1312042
rhn.redhat.com/errata/RHSA-2016-0595.html