Hi,
I have a question about the applicability of the CVE-2009-0033<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0033>DoS vulnerability in Tomcat 5.5.x. I have come across the description of the vulnerability at multiple places, but at most of the places it is mentioned that this vulnerability is applicable when the Java AJP connector (inside Tomcat) and the mod_jk loadbalancing (in Apache) is used. Can someone please confirm if this vulnerability be applicable even in the scenario where I have a single AJP connector configured with mod_jk? I do not have the mod_jk configured in a load balancing mode to multiple AJP connector ports on Tomcat. I just have a single worker defined in the worker.properties file. Appreciate any quick responses which could help in making this determination. Thanks Swapan.
