Описание
Apache Tomcat DoS Via Requests Including Null Characters
Apache Tomcat 4.0.3, and possibly other versions before 4.1.3 beta, allows remote attackers to cause a denial of service (resource exhaustion) via a large number of requests to the server with null characters, which causes the working threads to hang.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2002-0935
- https://lists.apache.org/thread.html/29dc6c2b625789e70a9c4756b5a327e6547273ff8bde7e0327af48c5@%3Cdev.tomcat.apache.org%3E
- https://lists.apache.org/thread.html/c62b0e3a7bf23342352a5810c640a94b6db69957c5c19db507004d74@%3Cdev.tomcat.apache.org%3E
- https://lists.apache.org/thread.html/rb71997f506c6cc8b530dd845c084995a9878098846c7b4eacfae8db3@%3Cdev.tomcat.apache.org%3E
- https://web.archive.org/web/20020822030311/http://www.iss.net/security_center/static/9396.php
- https://web.archive.org/web/20021010182017/http://online.securityfocus.com/bid/5067
- https://web.archive.org/web/20021116054924/http://online.securityfocus.com/archive/1/277940
- https://web.archive.org/web/20070525180638/http://archives.neohapsis.com/archives/vulnwatch/2002-q2/0120.html
Пакеты
Наименование
org.apache.tomcat:tomcat
maven
Затронутые версииВерсия исправления
< 4.1.3-beta
4.1.3-beta
Связанные уязвимости
nvd
больше 22 лет назад
Apache Tomcat 4.0.3, and possibly other versions before 4.1.3 beta, allows remote attackers to cause a denial of service (resource exhaustion) via a large number of requests to the server with null characters, which causes the working threads to hang.
debian
больше 22 лет назад
Apache Tomcat 4.0.3, and possibly other versions before 4.1.3 beta, al ...