Back to search
CVE-2009-0033
Published: Jun 5, 2009
Modified: Aug 7, 2024
PUBLISHED
Description
Apache Tomcat 4.1.0 through 4.1.39, 5.5.0 through 5.5.27, and 6.0.0 through 6.0.18, when the Java AJP connector and mod_jk load balancing are used, allows remote attackers to cause a denial of service (application outage) via a crafted request with invalid headers, related to temporary blocking of connectors that have encountered errors, as demonstrated by an error involving a malformed HTTP Host header.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
http://tomcat.apache.org/security-4.html
x_refsource_CONFIRM
HPSBMA02535
vendor-advisory
x_refsource_HP
35326
third-party-advisory
x_refsource_SECUNIA
MDVSA-2009:138
vendor-advisory
x_refsource_MANDRIVA
FEDORA-2009-11356
vendor-advisory
x_refsource_FEDORA
DSA-2207
vendor-advisory
x_refsource_DEBIAN
35344
third-party-advisory
x_refsource_SECUNIA
HPSBUX02860
vendor-advisory
x_refsource_HP
37460
third-party-advisory
x_refsource_SECUNIA
ADV-2010-3056
vdb-entry
x_refsource_VUPEN
http://www.vmware.com/security/advisories/VMSA-2009-0016.html
x_refsource_CONFIRM
35788
third-party-advisory
x_refsource_SECUNIA
SSRT100029
vendor-advisory
x_refsource_HP
APPLE-SA-2010-03-29-1
vendor-advisory
x_refsource_APPLE
JVN#87272440
third-party-advisory
x_refsource_JVN
ADV-2009-1496
vdb-entry
x_refsource_VUPEN
HPSBOV02762
vendor-advisory
x_refsource_HP
1022331
vdb-entry
x_refsource_SECTRACK
ADV-2009-1856
vdb-entry
x_refsource_VUPEN
oval:org.mitre.oval:def:10231
vdb-entry
signature
x_refsource_OVAL
35193
vdb-entry
x_refsource_BID
MDVSA-2010:176
vendor-advisory
x_refsource_MANDRIVA
42368
third-party-advisory
x_refsource_SECUNIA
http://tomcat.apache.org/security-6.html
x_refsource_CONFIRM
20090603 [SECURITY] CVE-2009-0033 Apache Tomcat DoS when using Java AJP connector
mailing-list
x_refsource_BUGTRAQ
http://support.apple.com/kb/HT4077
x_refsource_CONFIRM
http://svn.apache.org/viewvc?rev=742915&view=rev
x_refsource_CONFIRM
FEDORA-2009-11374
vendor-advisory
x_refsource_FEDORA
http://svn.apache.org/viewvc?rev=781362&view=rev
x_refsource_CONFIRM
35685
third-party-advisory
x_refsource_SECUNIA
SSRT100825
vendor-advisory
x_refsource_HP
FEDORA-2009-11352
vendor-advisory
x_refsource_FEDORA
http://tomcat.apache.org/security-5.html
x_refsource_CONFIRM
oval:org.mitre.oval:def:19110
vdb-entry
signature
x_refsource_OVAL
SUSE-SR:2009:012
vendor-advisory
x_refsource_SUSE
HPSBUX02579
vendor-advisory
x_refsource_HP
SSRT101146
vendor-advisory
x_refsource_HP
MDVSA-2009:136
vendor-advisory
x_refsource_MANDRIVA
263529
vendor-advisory
x_refsource_SUNALERT
SSRT100203
vendor-advisory
x_refsource_HP
tomcat-ajp-dos(50928)
vdb-entry
x_refsource_XF
ADV-2009-3316
vdb-entry
x_refsource_VUPEN
oval:org.mitre.oval:def:5739
vdb-entry
signature
x_refsource_OVAL
[tomcat-dev] 20190319 svn commit: r1855831 [21/30] - in /tomcat/site/trunk: ./ docs/ xdocs/
mailing-list
x_refsource_MLIST
[tomcat-dev] 20190319 svn commit: r1855831 [22/30] - in /tomcat/site/trunk: ./ docs/ xdocs/
mailing-list
x_refsource_MLIST
[tomcat-dev] 20190325 svn commit: r1856174 [19/29] - in /tomcat/site/trunk: docs/ xdocs/ xdocs/stylesheets/
mailing-list
x_refsource_MLIST
[tomcat-dev] 20190325 svn commit: r1856174 [20/29] - in /tomcat/site/trunk: docs/ xdocs/ xdocs/stylesheets/
mailing-list
x_refsource_MLIST
[tomcat-dev] 20200203 svn commit: r1873527 [22/30] - /tomcat/site/trunk/docs/
mailing-list
x_refsource_MLIST
[tomcat-dev] 20200213 svn commit: r1873980 [24/34] - /tomcat/site/trunk/docs/
mailing-list
x_refsource_MLIST
[tomcat-dev] 20200213 svn commit: r1873980 [25/34] - /tomcat/site/trunk/docs/
mailing-list
x_refsource_MLIST
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now