Vulnerabilities > CVE-2002-0935 - Unspecified vulnerability in Apache Tomcat 4.0.3
Attack vector
UNKNOWN Attack complexity
UNKNOWN Privileges required
UNKNOWN Confidentiality impact
UNKNOWN Integrity impact
UNKNOWN Availability impact
UNKNOWN apache
nessus
Summary
Apache Tomcat 4.0.3, and possibly other versions before 4.1.3 beta, allows remote attackers to cause a denial of service (resource exhaustion) via a large number of requests to the server with null characters, which causes the working threads to hang.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 1 |
Nessus
NASL family | Web Servers |
NASL id | TOMCAT_4_1_3.NASL |
description | According to its self-reported version number, the instance of Apache Tomcat 4.x listening on the remote host is prior to 4.1.3. It is, therefore, affected by a denial of service vulnerability. A malicious HTTP request can cause a request processing thread to become unresponsive. Further requests of this type can cause all request processing threads to become unresponsive. Note that Nessus has not tested for these issues but has instead relied only on the application |
last seen | 2020-03-18 |
modified | 2010-10-01 |
plugin id | 49702 |
published | 2010-10-01 |
reporter | This script is Copyright (C) 2010-2020 and is owned by Tenable, Inc. or an Affiliate thereof. |
source | https://www.tenable.com/plugins/nessus/49702 |
title | Apache Tomcat 4.x < 4.1.3 Denial of Service |
code |
|
References
- http://www.securityfocus.com/bid/5067
- http://www.iss.net/security_center/static/9396.php
- http://archives.neohapsis.com/archives/vulnwatch/2002-q2/0120.html
- http://online.securityfocus.com/archive/1/277940
- http://www.osvdb.org/5051
- https://lists.apache.org/thread.html/29dc6c2b625789e70a9c4756b5a327e6547273ff8bde7e0327af48c5%40%3Cdev.tomcat.apache.org%3E
- https://lists.apache.org/thread.html/c62b0e3a7bf23342352a5810c640a94b6db69957c5c19db507004d74%40%3Cdev.tomcat.apache.org%3E
- https://lists.apache.org/thread.html/rb71997f506c6cc8b530dd845c084995a9878098846c7b4eacfae8db3%40%3Cdev.tomcat.apache.org%3E