Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2003-0045

Overview

Vulnerability Score 5.0 5.0
CVE Id CVE-2003-0045
Last Modified 05 Sep 2008 04:33:19
Published 07 Feb 2003 12:00:00
Confidentiality Impact NONE NONE
Integrity Impact NONE NONE
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2003-0045

Summary

Jakarta Tomcat before 3.3.1a on certain Windows systems may allow remote attackers to cause a denial of service (thread hang and resource consumption) via a request for a JSP page containing an MS-DOS device name, such as aux.jsp.

Vulnerable Systems

Application

  • Apache Tomcat 3.0

  • Apache Tomcat 3.1

  • Apache Tomcat 3.1.1

  • Apache Tomcat 3.2

  • Apache Tomcat 3.2.1

  • Apache Tomcat 3.2.3

  • Apache Tomcat 3.2.4

  • Apache Tomcat 3.3

  • Apache Tomcat 3.3.1


References

XF - jakarta-tomcat-msdos-dos(12102)

CONFIRM - http://jakarta.apache.org/builds/jakarta-tomcat/release/v3.3.1a/RELEASE-NOTES-3.3.1a.txt


Last Updated: 27 May 2016 10:37:46