Hi everyone,
We have released a hotfix that addresses the following:
- CVE-2015-7501: Deserialization vulnerability in the Apache® Commons-Collections library
- CVE-2015-3269: BlazeDS XML External Entity (XXE) vulnerability
Slowloris is a pain because we are not using apache in the ways that have been mentioned in many posts we have followed over the years. We are looking into some fixes that may be possible for this, but if it was just a package update it would have been fixed long ago.
You need to be on 6.2.1
http://downloads.solarwinds.com/solarwinds/Release/HotFix/LEM-v6.2.1-HotFix1.zip
Thanks