[email protected]NVD:CVE-2003-0866

HistoryNov 17, 2003 - 5:00 a.m.

CVE-2003-0866

2003-11-1705:00:00

[email protected]

web.nvd.nist.gov

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

AI Score

6.4

Confidence

High

EPSS

0.006

Percentile

78.6%

JSON

The Catalina org.apache.catalina.connector.http package in Tomcat 4.0.x up to 4.0.3 allows remote attackers to cause a denial of service via several requests that do not follow the HTTP protocol, which causes Tomcat to reject later requests.

Affected configurations

Nvd

Node

apachetomcatMatch4.0.0

apachetomcatMatch4.0.1

apachetomcatMatch4.0.2

apachetomcatMatch4.0.3

apachetomcatMatch4.0.4

apachetomcatMatch4.0.5

apachetomcatMatch4.0.6

References

bugs.debian.org/cgi-bin/bugreport.cgi?bug=215506

secunia.com/advisories/30899

secunia.com/advisories/30908

sunsolve.sun.com/search/document.do?assetkey=1-26-239312-1

tomcat.apache.org/security-4.html

www.debian.org/security/2003/dsa-395

www.securityfocus.com/bid/8824

www.vupen.com/english/advisories/2008/1979/references

exchange.xforce.ibmcloud.com/vulnerabilities/13429

lists.apache.org/thread.html/29dc6c2b625789e70a9c4756b5a327e6547273ff8bde7e0327af48c5%40%3Cdev.tomcat.apache.org%3E

lists.apache.org/thread.html/c62b0e3a7bf23342352a5810c640a94b6db69957c5c19db507004d74%40%3Cdev.tomcat.apache.org%3E

lists.apache.org/thread.html/rb71997f506c6cc8b530dd845c084995a9878098846c7b4eacfae8db3%40%3Cdev.tomcat.apache.org%3E

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

AI Score

6.4

Confidence

High

EPSS

0.006

Percentile

78.6%

JSON

Related for NVD:CVE-2003-0866

osv2 cve1 cvelist1 openvas2 nessus2 github1 tomcat1