PT-2002-2617 · Apache+1 · Ajp1.3 Connector+3

Publicado

2002-12-31

Atualizado

2019-03-25

CVE-2002-1895

CVSS v2.0

5.0

Média

Vetor

AV:N/AC:L/Au:N/C:N/I:N/A:P

Name of the Vulnerable Software and Affected Versions Jakarta Apache Tomcat versions 3.3 through 4.0.4

Description The issue allows remote attackers to cause a denial of service via a large number of HTTP GET requests for an MS-DOS device. This problem is specific to configurations using IIS in conjunction with Tomcat and the AJP1.3 connector.

Recommendations For Jakarta Apache Tomcat versions 3.3 through 4.0.4, update to version 4.1.10 or later to resolve the issue.

Exploit

Correção

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Identificadores relacionados

CVE-2002-1895

Produtos afetados

Ajp1.3 Connector

Apache Tomcat

Iis

Jakarta Apache Tomcat

PT-2002-2617 · Apache+1 · Ajp1.3 Connector+3

CVE-2002-1895

Identificadores relacionados

Produtos afetados

Referências · 9