Lucene search
RootSSV:11529HistoryJun 05, 2009 - 12:00 a.m.
Apache Tomcat Java AJP连接器无效头拒绝服务漏洞
2009-06-0500:00:00
Root
www.seebug.org
30
0.009 Low
EPSS
Percentile
81.4%
BUGTRAQ ID: 35193
CVE(CAN) ID: CVE-2009-0033
Apache Tomcat是一个流行的开放源码的JSP应用服务器程序。
如果Tomcat通过Java AJP连接器接收到了带有无效头的请求,就会关闭AJP连接器而不是返回错误。在这个连接器是mod_jk负载均衡worker成员的情况下,这个成员就会进入出错状态,在大约一分钟的时间内无法使用。
Apache Group Tomcat 6.0.x
Apache Group Tomcat 5.5.x
Apache Group Tomcat 4.1.x
厂商补丁:
Apache Group
目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载:
<a href=“http://svn.apache.org/viewvc?rev=742915&view=rev” target=“_blank”>http://svn.apache.org/viewvc?rev=742915&view=rev</a>
<a href=“http://svn.apache.org/viewvc?rev=781362&view=rev” target=“_blank”>http://svn.apache.org/viewvc?rev=781362&view=rev</a>
<a href=“http://svn.apache.org/viewvc?rev=781362&view=rev” target=“_blank”>http://svn.apache.org/viewvc?rev=781362&view=rev</a>
GET /servlets-examples/ HTTP/1.1
Host: localhost:x
Related
prion
prion
Design/Logic Flaw
2009-06-05 16:00:00
jvn
jvn
JVN#87272440: Apache Tomcat denial of service (DoS) vulnerability
2009-06-09 00:00:00
securityvulns
securityvulns
[SECURITY] CVE-2009-0033 Apache Tomcat DoS when using Java AJP connector
2009-06-05 00:00:00
Apache Tomcat multiple security vulnerabilities
2009-06-14 00:00:00
cve
cve
CVE-2009-0033
2009-06-05 16:00:00
osv
osv
Apache Tomcat Denial of Service via Malformed Request Headers
2022-05-02 03:12:29
github
github
Apache Tomcat Denial of Service via Malformed Request Headers
2022-05-02 03:12:29
veracode
veracode
Denial Of Service (DoS)
2019-03-25 08:40:42
ubuntucve
ubuntucve
CVE-2009-0033
2009-06-05 00:00:00
altlinux
altlinux
openvas
openvas
Fedora Update for tomcat6 FEDORA-2010-16248
2010-11-16 00:00:00
Fedora Update for tomcat6 FEDORA-2010-16248
2010-11-16 00:00:00
Apache Tomcat Multiple Vulnerabilities - Jun09
2009-06-16 00:00:00
redhat
redhat
(RHSA-2009:1617) Low: tomcat security update for Red Hat Network Satellite Server
2009-11-30 00:00:00
(RHSA-2009:1506) Important: tomcat6 security update
2009-10-14 00:00:00
(RHSA-2009:1563) Important: tomcat security update
2009-11-09 00:00:00
fedora
fedora
[SECURITY] Fedora 12 Update: tomcat6-6.0.26-3.fc12
2010-11-01 20:55:02
[SECURITY] Fedora 11 Update: tomcat6-6.0.20-1.fc11
2009-11-27 21:36:22
[SECURITY] Fedora 12 Update: tomcat6-6.0.20-1.fc12
2009-11-27 21:50:49
nessus
nessus
SuSE 10 Security Update : Tomcat 5 (ZYPP Patch Number 6352)
2009-09-24 00:00:00
Ubuntu 8.10 / 9.04 : tomcat6 vulnerabilities (USN-788-1)
2009-06-16 00:00:00
Mandriva Linux Security Advisory : tomcat5 (MDVSA-2009:138)
2009-06-23 00:00:00
tomcat
tomcat
Fixed in Apache Tomcat 4.1.40
2008-12-12 00:00:00
Fixed in Apache Tomcat 6.0.20
2009-06-03 00:00:00
Fixed in Apache Tomcat 5.5.28
2009-09-04 00:00:00
ubuntu
ubuntu
Tomcat vulnerabilities
2009-06-15 00:00:00
oraclelinux
oraclelinux
tomcat security update
2009-07-21 00:00:00
centos
centos
tomcat5 security update
2009-07-29 17:30:22
debian
debian
[SECURITY] [DSA 2207-1] tomcat5.5 security update
2011-03-29 22:35:34
ibm
ibm
gentoo
gentoo
Apache Tomcat: Multiple vulnerabilities
2012-06-24 00:00:00
threatpost
threatpost
Apple Mega Patch Covers 88 Mac OS X Vulnerabilities
2010-03-29 17:15:44
