Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
2.6
CVSSv2

CVE-2005-3164

Published: 06/10/2005 Updated: 07/11/2023
CVSS v2 Base Score: 2.6 | Impact Score: 2.9 | Exploitability Score: 4.9
VMScore: 231
Vector: AV:N/AC:H/Au:N/C:P/I:N/A:N
Subscribe to Cosminexus Application Server

Vulnerability Summary

The AJP connector in Apache Tomcat 4.0.1 up to and including 4.0.6 and 4.1.0 up to and including 4.1.36, as used in Hitachi Cosminexus Application Server and standalone, does not properly handle when a connection is broken before request body data is sent in a POST request, which can lead to an information leak when "unsuitable request body data" is used for a different request, possibly related to Java Servlet pages.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

hitachi cosminexus application server 05_00_05_05_e

hitachi cosminexus application server 05_00_05_05_h

hitachi cosminexus application server 05_00_05_05_k

hitachi cosminexus application server 05_00_05_05_f

apache tomcat

References

CWE-200http://www.hitachi-support.com/security_e/vuls_e/HS05-019_e/01-e.htmlhttp://jvn.jp/jp/JVN%2379314822/index.htmlhttp://www.securityfocus.com/bid/15003http://secunia.com/advisories/17019http://tomcat.apache.org/security-4.htmlhttp://support.apple.com/kb/HT2163http://lists.apple.com/archives/security-announce/2008//Jun/msg00002.htmlhttp://sunsolve.sun.com/search/document.do?assetkey=1-26-239312-1http://secunia.com/advisories/30802http://secunia.com/advisories/30908http://secunia.com/advisories/30899http://www.vupen.com/english/advisories/2008/1979/referenceshttp://www.vupen.com/english/advisories/2008/1981/referenceshttps://lists.apache.org/thread.html/29dc6c2b625789e70a9c4756b5a327e6547273ff8bde7e0327af48c5%40%3Cdev.tomcat.apache.org%3Ehttps://lists.apache.org/thread.html/c62b0e3a7bf23342352a5810c640a94b6db69957c5c19db507004d74%40%3Cdev.tomcat.apache.org%3Ehttps://lists.apache.org/thread.html/rb71997f506c6cc8b530dd845c084995a9878098846c7b4eacfae8db3%40%3Cdev.tomcat.apache.org%3Ehttps://nvd.nist.gov
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-30924CVE-2024-3400overflowCVE-2024-23528CVE-2024-21338CVE-2024-3818CVE-2024-23535NULL pointer dereferenceelevation of privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook