Shodan
Vulnerabilities
Vulnerable Software

Vulnerability Details CVE-2005-4836

The HTTP/1.1 connector in Apache Tomcat 4.1.15 through 4.1.40 does not reject NULL bytes in a URL when allowLinking is configured, which allows remote attackers to read JSP source files and obtain sensitive information.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.008
EPSS Ranking 71.9%
CVSS Severity
CVSS v2 Score 7.8
References
Products affected by CVE-2005-4836
  • Apache » Tomcat » Version: 4.1.15
    cpe:2.3:a:apache:tomcat:4.1.15
  • Apache » Tomcat » Version: 4.1.16
    cpe:2.3:a:apache:tomcat:4.1.16
  • Apache » Tomcat » Version: 4.1.17
    cpe:2.3:a:apache:tomcat:4.1.17
  • Apache » Tomcat » Version: 4.1.18
    cpe:2.3:a:apache:tomcat:4.1.18
  • Apache » Tomcat » Version: 4.1.19
    cpe:2.3:a:apache:tomcat:4.1.19
  • Apache » Tomcat » Version: 4.1.20
    cpe:2.3:a:apache:tomcat:4.1.20
  • Apache » Tomcat » Version: 4.1.21
    cpe:2.3:a:apache:tomcat:4.1.21
  • Apache » Tomcat » Version: 4.1.22
    cpe:2.3:a:apache:tomcat:4.1.22
  • Apache » Tomcat » Version: 4.1.23
    cpe:2.3:a:apache:tomcat:4.1.23
  • Apache » Tomcat » Version: 4.1.24
    cpe:2.3:a:apache:tomcat:4.1.24
  • Apache » Tomcat » Version: 4.1.25
    cpe:2.3:a:apache:tomcat:4.1.25
  • Apache » Tomcat » Version: 4.1.26
    cpe:2.3:a:apache:tomcat:4.1.26
  • Apache » Tomcat » Version: 4.1.27
    cpe:2.3:a:apache:tomcat:4.1.27
  • Apache » Tomcat » Version: 4.1.28
    cpe:2.3:a:apache:tomcat:4.1.28
  • Apache » Tomcat » Version: 4.1.29
    cpe:2.3:a:apache:tomcat:4.1.29
  • Apache » Tomcat » Version: 4.1.30
    cpe:2.3:a:apache:tomcat:4.1.30
  • Apache » Tomcat » Version: 4.1.31
    cpe:2.3:a:apache:tomcat:4.1.31
  • Apache » Tomcat » Version: 4.1.32
    cpe:2.3:a:apache:tomcat:4.1.32
  • Apache » Tomcat » Version: 4.1.33
    cpe:2.3:a:apache:tomcat:4.1.33
  • Apache » Tomcat » Version: 4.1.34
    cpe:2.3:a:apache:tomcat:4.1.34
  • Apache » Tomcat » Version: 4.1.35
    cpe:2.3:a:apache:tomcat:4.1.35
  • Apache » Tomcat » Version: 4.1.36
    cpe:2.3:a:apache:tomcat:4.1.36
  • Apache » Tomcat » Version: 4.1.37
    cpe:2.3:a:apache:tomcat:4.1.37
  • Apache » Tomcat » Version: 4.1.39
    cpe:2.3:a:apache:tomcat:4.1.39
  • Apache » Tomcat » Version: 4.1.40
    cpe:2.3:a:apache:tomcat:4.1.40


Products
Pricing
Contact Us

Shodan ® - All rights reserved