Published: 17/11/2003 Updated: 25/03/2019
CVSS v2 Base Score: 5 | Impact Score: 2.9 | Exploitability Score: 10
VMScore: 505
Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P

Vulnerability Summary

The Catalina org.apache.catalina.connector.http package in Tomcat 4.0.x up to 4.0.3 allows remote malicious users to cause a denial of service via several requests that do not follow the HTTP protocol, which causes Tomcat to reject later requests.


source: wwwsecurityfocuscom/bid/8824/info Apache Tomcat 4 has been reported prone to a remotely triggered denial-of-service vulnerability when handling undisclosed non-HTTP request types When certain non-HTTP request types are handled by the Tomcat HTTP connector, the Tomcat server will reject subsequent requests on the affected port un ...