Vulnerability Name: CVE-2005-3164 (CCN-22506)
Assigned: 2005-10-03
Published: 2005-10-03
Updated: 2022-02-03
Summary: The AJP connector in Apache Tomcat 4.0.1 through 4.0.6 and 4.1.0 through 4.1.36, as used in Hitachi Cosminexus Application Server and standalone, does not properly handle when a connection is broken before request body data is sent in a POST request, which can lead to an information leak when "unsuitable request body data" is used for a different request, possibly related to Java Servlet pages.
CVSS v3 Severity: 3.7 Low (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N)
CVSS v2 Severity: 2.6 Low (CVSS v2 Vector: AV:N/AC:H/Au:N/C:P/I:N/A:N)
Vulnerability Type: CWE-200
Vulnerability Consequences: Obtain Information
References:
Source: MITRE Type: CNA CVE-2005-3164
Source: JVN Type: VDB Entry JVN#79314822
Source: APPLE Type: Mailing List, Third Party Advisory APPLE-SA-2008-06-30
Source: CCN Type: SA17019 Hitachi Cosminexus Request Body Disclosure of Personal Information
Source: SECUNIA Type: Broken Link, Vendor Advisory 17019
Source: CCN Type: SA30802 Apple Mac OS X Security Update Fixes Multiple Vulnerabilities
Source: SECUNIA Type: Broken Link, Vendor Advisory 30802
Source: CCN Type: SA30899 Sun Solaris 9 Tomcat Multiple Vulnerabilities
Source: SECUNIA Type: Broken Link, Vendor Advisory 30899
Source: CCN Type: SA30908 Sun Solaris 10 Tomcat Multiple Vulnerabilities
Source: SECUNIA Type: Broken Link, Vendor Advisory 30908
Source: SUNALERT Type: Broken Link 239312
Source: CCN Type: Sun Alert ID: 239312 Security Vulnerabilities in Tomcat 4.0 Shipped with Solaris 9 and 10
Source: CONFIRM Type: Third Party Advisory http://support.apple.com/kb/HT2163
Source: CCN Type: ASA-2008-293 Security Vulnerabilities in Tomcat 4.0 Shipped with Solaris 9 and 10 (Sun 239312)
Source: CONFIRM Type: Vendor Advisory http://tomcat.apache.org/security-4.html
Source: CCN Type: Hitachi Vulnerability Information HS05-019-01 Solution for Cosminexus Application Server
Source: CONFIRM Type: Third Party Advisory http://www.hitachi-support.com/security_e/vuls_e/HS05-019_e/01-e.html
Source: CCN Type: Cosminexus Web site HITACHI : Cosminexus
Source: CCN Type: OSVDB ID: 19821 Apache Tomcat Malformed Post Request Information Disclosure
Source: BID Type: Third Party Advisory, VDB Entry 15003
Source: CCN Type: BID-15003 Hitachi Cosminexus Remote Information Disclosure Vulnerability
Source: VUPEN Type: Vendor Advisory ADV-2008-1979
Source: VUPEN Type: Vendor Advisory ADV-2008-1981
Source: XF Type: UNKNOWN cosminexus-http-post-information-disclosure(22506)
Source: MLIST Type: Mailing List, Third Party Advisory [tomcat-dev] 20190319 svn commit: r1855831 [21/30] - in /tomcat/site/trunk: ./ docs/ xdocs/
Source: MLIST Type: Mailing List, Third Party Advisory [tomcat-dev] 20190325 svn commit: r1856174 [19/29] - in /tomcat/site/trunk: docs/ xdocs/ xdocs/stylesheets/
Source: MLIST Type: Mailing List, Third Party Advisory [tomcat-dev] 20200213 svn commit: r1873980 [24/34] - /tomcat/site/trunk/docs/
Source: CCN Type: IBM Security Bulletin 6858013 (Tivoli Application Dependency Discovery Manager) TADDM affected by multiple vulnerabilities due to Apache Tomcat libraries