CVE-2003-0866 | Vulnerability Database | Aqua Security

The Catalina org.apache.catalina.connector.http package in Tomcat 4.0.x up to 4.0.3 allows remote attackers to cause a denial of service via several requests that do not follow the HTTP protocol, which causes Tomcat to reject later requests.

Affected Software

Name	Vendor	Start Version	End Version
Tomcat	Apache	4.0.0 (including)	4.0.0 (including)
Tomcat	Apache	4.0.1 (including)	4.0.1 (including)
Tomcat	Apache	4.0.2 (including)	4.0.2 (including)
Tomcat	Apache	4.0.3 (including)	4.0.3 (including)
Tomcat	Apache	4.0.4 (including)	4.0.4 (including)
Tomcat	Apache	4.0.5 (including)	4.0.5 (including)
Tomcat	Apache	4.0.6 (including)	4.0.6 (including)

References

http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=215506
http://secunia.com/advisories/30899
http://secunia.com/advisories/30908
http://sunsolve.sun.com/search/document.do?assetkey=1-26-239312-1
http://tomcat.apache.org/security-4.html
http://www.debian.org/security/2003/dsa-395
http://www.securityfocus.com/bid/8824
http://www.vupen.com/english/advisories/2008/1979/references
https://exchange.xforce.ibmcloud.com/vulnerabilities/13429
https://lists.apache.org/thread.html/29dc6c2b625789e70a9c4756b5a327e6547273ff8bde7e0327af48c5%40%3Cdev.tomcat.apache.org%3E
https://lists.apache.org/thread.html/c62b0e3a7bf23342352a5810c640a94b6db69957c5c19db507004d74%40%3Cdev.tomcat.apache.org%3E
https://lists.apache.org/thread.html/rb71997f506c6cc8b530dd845c084995a9878098846c7b4eacfae8db3%40%3Cdev.tomcat.apache.org%3E

NVD	https://nvd.nist.gov/vuln/detail/CVE-2003-0866
CWE	https://cwe.mitre.org/data/definitions/NVD-Other.html