Description

The servlet engine in Jakarta Apache Tomcat 3.3 and 4.0.4, when using IIS and the ajp1.3 connector, allows remote attackers to cause a denial of service (crash) via a large number of HTTP GET requests for an MS-DOS device such as AUX, LPT1, CON, or PRN.

Remediation

References

CVE-2002-1895

Related Vulnerabilities

WordPress Plugin Cookie Notice & Consent Banner for GDPR & CCPA Compliance Cross-Site Scripting (1.7.1)

phpList Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2014-2916)

Oracle Database Server CVE-2012-1737 Vulnerability (CVE-2012-1737)

PHP Other Vulnerability (CVE-2007-1717)

Plone CMS Permissions, Privileges, and Access Controls Vulnerability (CVE-2013-4191)

Severity

Medium

Classification

CVE-2002-1895

Tags

Missing Update Known Vulnerabilities