Vulnerabilities
Vulnerable Software
Apache:  >> Tomcat  >> 3.2.2  Security Vulnerabilities
Apache Tomcat before 5.x allows remote attackers to cause a denial of service (application crash) via a crafted AJP12 packet to TCP port 8007.
CVSS Score
5.0
EPSS Score
0.175
Published
2005-05-02
The default servlet (org.apache.catalina.servlets.DefaultServlet) in Tomcat 4.0.4 and 4.1.10 and earlier allows remote attackers to read source code for server files via a direct request to the servlet.
CVSS Score
5.0
EPSS Score
0.367
Published
2002-10-11
Apache Tomcat may be started without proper security settings if errors are encountered while reading the web.xml file, which could allow attackers to bypass intended restrictions.
CVSS Score
7.5
EPSS Score
0.015
Published
2002-08-12
Apache Software Foundation Tomcat Servlet prior to 3.2.2 allows a remote attacker to read the source code to arbitrary 'jsp' files via a malformed URL request which does not end with an HTTP protocol specification (i.e. HTTP/1.0).
CVSS Score
5.0
EPSS Score
0.218
Published
2001-08-02


Contact Us

Shodan ® - All rights reserved