Published:2005/03/14  Last Updated:2008/05/21

JVN#DD18AD07
Apache Tomcat denial of service vulnerability

Overview

Apache Tomcat is an implementation of the Java Servlet and JavaServer Pages technologies.
Apache Tomcat contains a vulnerability that may allow a remote attacker to cause a denial of service (DoS).

Products Affected

  • Apache Jakarta Tomcat Version 3.x

Description

Impact

A remote attacker may cause a denial of service (DoS).

Solution

Vendor Status

Vendor Status Last Update Vendor Notes
Hitachi Vulnerable 2005/03/14
FUJITSU LIMITED Not Vulnerable 2005/10/04
Trend Micro Incorporated Not Vulnerable 2005/04/11

References

  1. US-CERT Vulnerability Note VU#204710
    Apache Tomcat fails to properly handle certain requests

JPCERT/CC Addendum

Credit

HIRT (Hitachi Incident Response Team) reported this vulnerability to IPA.
JPCERT/CC coordinated with the vendors under Information Security Early Warning Partnership.

Other Information

JPCERT Alert
JPCERT Reports
CERT Advisory
CPNI Advisory
TRnotes
CVE
JVN iPedia JVNDB-2005-000183

Update History