Recent Vulnerabilities Discussions Trends About Contact

By Relevance

By Risk Score

By NVD Publish Date

By Popularity

7.8

HIGH

Published: 31/12/2002 Updated: 29/07/2017

CVSS v2 Base Score: 7.8 | Impact Score: 6.9 | Exploitability Score: 10

Apache Http Server Tomcat

Tomcat 4.0 through 4.1.12, using mod_jk 1.2.1 module on Apache 1.3 through 1.3.27, allows remote attackers to cause a denial of service (desynchronized communications) via an HTTP GET request with a Transfer-Encoding chunked field with invalid values.

Vector: AV:N/AC:L/Au:N/C:N/I:N/A:C

Access Complexity: LOW

Authentication: NONE

Access Vector: NETWORK

Confidentiality Impact: NONE

Integrity Impact: NONE

Availability Impact: COMPLETE

Vendor	Product	Versions
Apache	Http Server	1.3, 1.3.0, 1.3.1, 1.3.2, 1.3.10, 1.3.11, 1.3.12, 1.3.13, 1.3.14, 1.3.15, 1.3.16, 1.3.17, 1.3.18, 1.3.19, 1.3.20, 1.3.22, 1.3.23, 1.3.24, 1.3.25, 1.3.26, 1.3.27
Apache	Tomcat	4.0.0, 4.0.1, 4.0.2, 4.0.3, 4.0.4, 4.0.5, 4.0.6, 4.1.0, 4.1.1, 4.1.2, 4.1.3, 4.1.9, 4.1.10, 4.1.12

Apache 1.3.x + Tomcat 4.0.x/4.1.x mod_jk - Chunked Encoding Denial of Service

CWE-119 http://archives.neohapsis.com/archives/bugtraq/2002-12/0045.html http://www.securityfocus.com/bid/6320 https://exchange.xforce.ibmcloud.com/vulnerabilities/10771

Home Recent Vulnerabilities Discussions Trends About Contact

CVE-2002-2272

Vulnerability Summary

Affected Products

EDB Exploits

References