CVE-2002-0935 | Vulnerability Database | Aqua Security

Apache Tomcat 4.0.3, and possibly other versions before 4.1.3 beta, allows remote attackers to cause a denial of service (resource exhaustion) via a large number of requests to the server with null characters, which causes the working threads to hang.

Affected Software

Name	Vendor	Start Version	End Version
Tomcat	Apache	4.0.3 (including)	4.0.3 (including)

References

http://archives.neohapsis.com/archives/vulnwatch/2002-q2/0120.html
http://online.securityfocus.com/archive/1/277940
http://www.iss.net/security_center/static/9396.php
http://www.osvdb.org/5051
http://www.securityfocus.com/bid/5067
https://lists.apache.org/thread.html/29dc6c2b625789e70a9c4756b5a327e6547273ff8bde7e0327af48c5%40%3Cdev.tomcat.apache.org%3E
https://lists.apache.org/thread.html/c62b0e3a7bf23342352a5810c640a94b6db69957c5c19db507004d74%40%3Cdev.tomcat.apache.org%3E
https://lists.apache.org/thread.html/rb71997f506c6cc8b530dd845c084995a9878098846c7b4eacfae8db3%40%3Cdev.tomcat.apache.org%3E
http://archives.neohapsis.com/archives/vulnwatch/2002-q2/0120.html
http://online.securityfocus.com/archive/1/277940
http://www.iss.net/security_center/static/9396.php
http://www.osvdb.org/5051
http://www.securityfocus.com/bid/5067
https://lists.apache.org/thread.html/29dc6c2b625789e70a9c4756b5a327e6547273ff8bde7e0327af48c5%40%3Cdev.tomcat.apache.org%3E
https://lists.apache.org/thread.html/c62b0e3a7bf23342352a5810c640a94b6db69957c5c19db507004d74%40%3Cdev.tomcat.apache.org%3E
https://lists.apache.org/thread.html/rb71997f506c6cc8b530dd845c084995a9878098846c7b4eacfae8db3%40%3Cdev.tomcat.apache.org%3E

NVD	https://nvd.nist.gov/vuln/detail/CVE-2002-0935
CWE	https://cwe.mitre.org/data/definitions/NVD-Other.html