CVE-2003-0866
Published Nov 17, 2003
Last updated a year ago
Overview
- Description
- The Catalina org.apache.catalina.connector.http package in Tomcat 4.0.x up to 4.0.3 allows remote attackers to cause a denial of service via several requests that do not follow the HTTP protocol, which causes Tomcat to reject later requests.
- Source
- cve@mitre.org
- NVD status
- Modified
Social media
- Hype score
- Not currently trending
Risk scores
CVSS 2.0
- Type
- Primary
- Base score
- 5
- Impact score
- 2.9
- Exploitability score
- 10
- Vector string
- AV:N/AC:L/Au:N/C:N/I:N/A:P
Weaknesses
- nvd@nist.gov
- NVD-CWE-Other
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:apache:tomcat:4.0.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "914E1404-01A2-4F94-AA40-D5EA20F55AD3"
},
{
"criteria": "cpe:2.3:a:apache:tomcat:4.0.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "81FB1106-B26D-45BE-A511-8E69131BBA52"
},
{
"criteria": "cpe:2.3:a:apache:tomcat:4.0.2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "401A213A-FED3-49C0-B823-2E02EA528905"
},
{
"criteria": "cpe:2.3:a:apache:tomcat:4.0.3:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "0BFE5AD8-DB14-4632-9D2A-F2013579CA7D"
},
{
"criteria": "cpe:2.3:a:apache:tomcat:4.0.4:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "7641278D-3B8B-4CD2-B284-2047B65514A2"
},
{
"criteria": "cpe:2.3:a:apache:tomcat:4.0.5:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "BB7B9911-E836-4A96-A0E8-D13C957EC0EE"
},
{
"criteria": "cpe:2.3:a:apache:tomcat:4.0.6:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "D2341C51-A239-4A4A-B0DC-30F18175442C"
}
],
"operator": "OR"
}
]
}
]