Published:2005/03/14 Last Updated:2008/05/21
JVN#DD18AD07
Apache Tomcat denial of service vulnerability
Overview
Apache Tomcat is an implementation of the Java Servlet and JavaServer Pages technologies.
Apache Tomcat contains a vulnerability that may allow a remote attacker to cause a denial of service (DoS).
Products Affected
- Apache Jakarta Tomcat Version 3.x
Description
Impact
A remote attacker may cause a denial of service (DoS).
Solution
Vendor Status
| Vendor | Status | Last Update | Vendor Notes |
|---|---|---|---|
| Hitachi | Vulnerable | 2005/03/14 | |
| FUJITSU LIMITED | Not Vulnerable | 2005/10/04 | |
| Trend Micro Incorporated | Not Vulnerable | 2005/04/11 |
| Vendor | Link |
| Apache |
Apache Information for VU#204710 |
References
- US-CERT Vulnerability Note VU#204710
Apache Tomcat fails to properly handle certain requests
JPCERT/CC Addendum
Credit
HIRT (Hitachi Incident Response Team) reported this vulnerability to IPA.
JPCERT/CC coordinated with the vendors under Information Security Early Warning Partnership.
Other Information
| JPCERT Alert | |
| JPCERT Reports | |
| CERT Advisory | |
| CPNI Advisory | |
| TRnotes | |
| CVE | |
| JVN iPedia |
JVNDB-2005-000183 |