Back to search
CVE-2005-3164
Published: Oct 6, 2005
Modified: Aug 7, 2024
PUBLISHED
Description
The AJP connector in Apache Tomcat 4.0.1 through 4.0.6 and 4.1.0 through 4.1.36, as used in Hitachi Cosminexus Application Server and standalone, does not properly handle when a connection is broken before request body data is sent in a POST request, which can lead to an information leak when "unsuitable request body data" is used for a different request, possibly related to Java Servlet pages.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
http://tomcat.apache.org/security-4.html
x_refsource_CONFIRM
30908
third-party-advisory
x_refsource_SECUNIA
http://support.apple.com/kb/HT2163
x_refsource_CONFIRM
15003
vdb-entry
x_refsource_BID
239312
vendor-advisory
x_refsource_SUNALERT
ADV-2008-1981
vdb-entry
x_refsource_VUPEN
30899
third-party-advisory
x_refsource_SECUNIA
ADV-2008-1979
vdb-entry
x_refsource_VUPEN
17019
third-party-advisory
x_refsource_SECUNIA
APPLE-SA-2008-06-30
vendor-advisory
x_refsource_APPLE
30802
third-party-advisory
x_refsource_SECUNIA
JVN#79314822
third-party-advisory
x_refsource_JVN
http://www.hitachi-support.com/security_e/vuls_e/HS05-019_e/01-e.html
x_refsource_CONFIRM
[tomcat-dev] 20190319 svn commit: r1855831 [21/30] - in /tomcat/site/trunk: ./ docs/ xdocs/
mailing-list
x_refsource_MLIST
[tomcat-dev] 20190325 svn commit: r1856174 [19/29] - in /tomcat/site/trunk: docs/ xdocs/ xdocs/stylesheets/
mailing-list
x_refsource_MLIST
[tomcat-dev] 20200213 svn commit: r1873980 [24/34] - /tomcat/site/trunk/docs/
mailing-list
x_refsource_MLIST
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now