The servlet engine in Jakarta Apache Tomcat 3.3 and 4.0.4, when using IIS and the ajp1.3 connector, allows remote malicious users to cause a denial of service (crash) via a large number of HTTP GET requests for an MS-DOS device such as AUX, LPT1, CON, or PRN.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
apache tomcat 4.0.4 |
||
apache tomcat 3.3 |