Описание
Apache Tomcat Denial of Service vulnerability in the Catalina package
The Catalina org.apache.catalina.connector.http package in Tomcat 4.0.x up to 4.0.6 allows remote attackers to cause a denial of service via several requests that do not follow the HTTP protocol, which causes Tomcat to reject later requests.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2003-0866
- https://exchange.xforce.ibmcloud.com/vulnerabilities/13429
- https://lists.apache.org/thread.html/29dc6c2b625789e70a9c4756b5a327e6547273ff8bde7e0327af48c5@%3Cdev.tomcat.apache.org%3E
- https://lists.apache.org/thread.html/c62b0e3a7bf23342352a5810c640a94b6db69957c5c19db507004d74@%3Cdev.tomcat.apache.org%3E
- https://lists.apache.org/thread.html/rb71997f506c6cc8b530dd845c084995a9878098846c7b4eacfae8db3@%3Cdev.tomcat.apache.org%3E
- http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=215506
- http://secunia.com/advisories/30899
- http://secunia.com/advisories/30908
- http://sunsolve.sun.com/search/document.do?assetkey=1-26-239312-1
- http://tomcat.apache.org/security-4.html
- http://www.debian.org/security/2003/dsa-395
- http://www.securityfocus.com/bid/8824
- http://www.vupen.com/english/advisories/2008/1979/references
Пакеты
Наименование
org.apache.tomcat:tomcat
maven
Затронутые версииВерсия исправления
>= 4.0, < 4.1.0
4.1.0
Связанные уязвимости
nvd
около 22 лет назад
The Catalina org.apache.catalina.connector.http package in Tomcat 4.0.x up to 4.0.3 allows remote attackers to cause a denial of service via several requests that do not follow the HTTP protocol, which causes Tomcat to reject later requests.
debian
около 22 лет назад
The Catalina org.apache.catalina.connector.http package in Tomcat 4.0. ...