CVE-2005-4836

Name of the Vulnerable Software and Affected Versions Apache Tomcat versions 4.1.15 through 4.1.40

Description The issue allows remote attackers to read JSP source files and obtain sensitive information by not rejecting NULL bytes in a URL when allowLinking is configured. This is specifically related to the deprecated HTTP/1.1 connector. The failure to reject the null byte enables an attacker to obtain the source for any JSP page in contexts configured with allowLinking=true.

Recommendations For Apache Tomcat versions 4.1.15 through 4.1.40, consider using the default, supported Coyote HTTP/1.1 connector, which does not exhibit this issue, as a workaround to mitigate the risk. At the moment, there is no information about a newer version that contains a fix for this vulnerability.