Red Hat JBoss Web Server is vulnerable to denial of service (DoS) attacks. It is possible to remotely Segfault Apache http server with a specially crafted string sent to the mod_cluster via service messages (MCMP) which results in a server crash (DOS).
rhn.redhat.com/errata/RHSA-2016-1648.html
rhn.redhat.com/errata/RHSA-2016-1648.html
rhn.redhat.com/errata/RHSA-2016-1649.html
rhn.redhat.com/errata/RHSA-2016-1649.html
rhn.redhat.com/errata/RHSA-2016-1650.html
rhn.redhat.com/errata/RHSA-2016-1650.html
rhn.redhat.com/errata/RHSA-2016-2054.html
rhn.redhat.com/errata/RHSA-2016-2054.html
rhn.redhat.com/errata/RHSA-2016-2055.html
rhn.redhat.com/errata/RHSA-2016-2055.html
rhn.redhat.com/errata/RHSA-2016-2056.html
rhn.redhat.com/errata/RHSA-2016-2056.html
www.securityfocus.com/bid/92584
www.securityfocus.com/bid/92584
access.redhat.com/documentation/en-US/Red_Hat_JBoss_Web_Server/2.1/html/2.1.1_Release_Notes/index.html
access.redhat.com/security/updates/classification/#important
access.redhat.com/security/vulnerabilities/httpoxy
access.redhat.com/site/documentation/
access.redhat.com/site/documentation/en-US/JBoss_Enterprise_Web_Server/2/html-single/Installation_Guide/index.html
bugzilla.redhat.com/show_bug.cgi?id=1326320
bugzilla.redhat.com/show_bug.cgi?id=1326320
bugzilla.redhat.com/show_bug.cgi?id=1337155
bugzilla.redhat.com/show_bug.cgi?id=1337397
bugzilla.redhat.com/show_bug.cgi?id=1338646
bugzilla.redhat.com/show_bug.cgi?id=1358118
lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6JMA2YLPK6SEUVF5Q3QEANHYEPRZA2RI/
lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CX5QNNIVAUB2VVDV6TR3YMFTL6VRKOBO/
lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HE5YZTBZRXCMQFT5LDLZG2HAYBKMYQLL/
lists.fedoraproject.org/archives/list/[email protected]/message/6JMA2YLPK6SEUVF5Q3QEANHYEPRZA2RI/
lists.fedoraproject.org/archives/list/[email protected]/message/6JMA2YLPK6SEUVF5Q3QEANHYEPRZA2RI/
lists.fedoraproject.org/archives/list/[email protected]/message/CX5QNNIVAUB2VVDV6TR3YMFTL6VRKOBO/
lists.fedoraproject.org/archives/list/[email protected]/message/CX5QNNIVAUB2VVDV6TR3YMFTL6VRKOBO/
lists.fedoraproject.org/archives/list/[email protected]/message/HE5YZTBZRXCMQFT5LDLZG2HAYBKMYQLL/
lists.fedoraproject.org/archives/list/[email protected]/message/HE5YZTBZRXCMQFT5LDLZG2HAYBKMYQLL/
rhn.redhat.com/errata/RHSA-2016-1648.html