CVE-2005-0808

Apache Tomcat before 5.x allows remote attackers to cause a denial of service (application crash) via a crafted AJP12 packet to TCP port 8007.

CVSS v2.0 5.0 MEDIUM

5.0^/10

CVSS v2.0 : MEDIUM

Vector : AV:N/AC:L/Au:N/C:N/I:N/A:P

Exploitability : 10.0 / Impact : 2.9

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact PARTIAL

References

Link	Resource
http://www.hitachi-support.com/security_e/vuls_e/HS05-006_e/index-e.html
http://www.kb.cert.org/vuls/id/204710	Third Party Advisory US Government Resource
http://www.kb.cert.org/vuls/id/JGEI-6A2LEF	Third Party Advisory US Government Resource
http://www.securityfocus.com/bid/12795
https://exchange.xforce.ibmcloud.com/vulnerabilities/19681

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:apache:tomcat:3.0:::::::*
	cpe:2.3:a:apache:tomcat:3.1:::::::*
	cpe:2.3:a:apache:tomcat:3.1.1:::::::*
	cpe:2.3:a:apache:tomcat:3.2:::::::*
	cpe:2.3:a:apache:tomcat:3.2.1:::::::*
	cpe:2.3:a:apache:tomcat:3.2.2:beta2::::::
	cpe:2.3:a:apache:tomcat:3.2.3:::::::*
	cpe:2.3:a:apache:tomcat:3.2.4:::::::*
	cpe:2.3:a:apache:tomcat:3.3:::::::*
	cpe:2.3:a:apache:tomcat:3.3.1:::::::*
	cpe:2.3:a:apache:tomcat:3.3.1a:::::::*

History

No history.

Information

Published : 2005-05-02 04:00

Updated : 2017-07-11 01:32

NVD link : CVE-2005-0808

Mitre link : CVE-2005-0808

CVE.ORG link : CVE-2005-0808

JSON object : View

Products Affected

apache

tomcat

CWE

NVD-CWE-Other

{"id": "CVE-2005-0808", "cveTags": [], "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 5.0, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "authentication": "NONE", "integrityImpact": "NONE", "accessComplexity": "LOW", "availabilityImpact": "PARTIAL", "confidentialityImpact": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}]}, "published": "2005-05-02T04:00:00.000", "references": [{"url": "http://www.hitachi-support.com/security_e/vuls_e/HS05-006_e/index-e.html", "source": "cve@mitre.org"}, {"url": "http://www.kb.cert.org/vuls/id/204710", "tags": ["Third Party Advisory", "US Government Resource"], "source": "cve@mitre.org"}, {"url": "http://www.kb.cert.org/vuls/id/JGEI-6A2LEF", "tags": ["Third Party Advisory", "US Government Resource"], "source": "cve@mitre.org"}, {"url": "http://www.securityfocus.com/bid/12795", "source": "cve@mitre.org"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/19681", "source": "cve@mitre.org"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "NVD-CWE-Other"}]}], "descriptions": [{"lang": "en", "value": "Apache Tomcat before 5.x allows remote attackers to cause a denial of service (application crash) via a crafted AJP12 packet to TCP port 8007."}], "lastModified": "2017-07-11T01:32:25.233", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:apache:tomcat:3.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "BAFF8D91-80A2-454A-8B44-A5A889002692"}, {"criteria": "cpe:2.3:a:apache:tomcat:3.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "FEC42876-65AD-476A-8B62-25D4E15D1BB6"}, {"criteria": "cpe:2.3:a:apache:tomcat:3.1.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "724A8FF9-8089-4302-8200-08987A712988"}, {"criteria": "cpe:2.3:a:apache:tomcat:3.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3F97DDB7-E32B-422F-8AEA-07C75DEAD36E"}, {"criteria": "cpe:2.3:a:apache:tomcat:3.2.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7079F63C-7CA8-4909-A9C8-45C4C1C1C186"}, {"criteria": "cpe:2.3:a:apache:tomcat:3.2.2:beta2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "4BE08AEE-4801-4FAF-97AD-BBD5C5849E3D"}, {"criteria": "cpe:2.3:a:apache:tomcat:3.2.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "EC829C8E-1061-4F62-BA4B-FE5C7F11F209"}, {"criteria": "cpe:2.3:a:apache:tomcat:3.2.4:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "143BA75E-A186-47EF-A18C-B1A1A1F61C00"}, {"criteria": "cpe:2.3:a:apache:tomcat:3.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C0CDF9E1-9412-450E-B1D4-438F128FFF9E"}, {"criteria": "cpe:2.3:a:apache:tomcat:3.3.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "32561F50-6385-4D71-AFAC-3D2F8DB55A4B"}, {"criteria": "cpe:2.3:a:apache:tomcat:3.3.1a:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D51D88E7-6F5C-42B0-BAD6-7DCD9A357B43"}], "operator": "OR"}]}], "sourceIdentifier": "cve@mitre.org"}