PT-2005-1837 · Apache · Apache Tomcat

Published: 2005-03-20 · Updated: 2017-07-11 · CVE-2005-0808

CVSS v2.0: 5.0 (Medium)

Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P

Name of the Vulnerable Software and Affected Versions

Apache Tomcat versions prior to 5.x
Tomcat version 3.x

Description

The issue allows remote attackers to cause a denial of service, resulting in an application crash, by sending a crafted AJP12 packet to TCP port 8007. This can be achieved by sending the right sequence of bytes to the AJP12 protocol port.

Recommendations

For Tomcat version 3.x, ensure that the AJP12 protocol port (TCP 8007 by default) is adequately firewalled to prevent remote access. For versions prior to 5.x, update to version 5.x or later to resolve the issue. At the moment, there is no information about a newer version that contains a fix for Tomcat 3.x, as there are no plans to issue an update for this version.

Fix


Related Identifiers

CVE-2005-0808

Affected Products

Apache Tomcat