4 matches found
Debian DSA-395-1 : tomcat4 - incorrect input handling
Aldrin Martoq has discovered a denial of service DoS vulnerability in Apache Tomcat 4.0.x. Sending several non-HTTP requests to Tomcat's HTTP connector makes Tomcat reject further requests on this port until it is restarted. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive tex...
CVE-2003-0866
CVE-2003-0866 affects the Catalina org.apache.catalina.connector.http package in Apache Tomcat 4.0.x up to 4.0.6, where malformed HTTP requests can cause the request processing thread pool to become unresponsive, allowing a DoS. Public detail from GHSA confirms Tomcat 4.0.x DoS exposure; remediat...
CVE-2003-0866
The Catalina org.apache.catalina.connector.http package in Tomcat 4.0.x up to 4.0.3 allows remote attackers to cause a denial of service via several requests that do not follow the HTTP protocol, which causes Tomcat to reject later requests...
Fixed in Apache Tomcat 4.1.0
Important: Denial of service CVE-2003-0866 A malformed HTTP request can cause the request processing thread to become unresponsive. A sequence of such requests will cause all request processing threads, and hence Tomcat as a whole, to become unresponsive. Affects: 4.0.0-4.0.6 Low: Information...