What is the severity of CVE-2002-0935?

CVE-2002-0935 is classified as a denial of service vulnerability, which can lead to resource exhaustion.

How do I fix CVE-2002-0935?

To mitigate CVE-2002-0935, it is recommended to upgrade Apache Tomcat to version 4.1.3-beta or later.

Who is affected by CVE-2002-0935?

CVE-2002-0935 affects Apache Tomcat version 4.0.3 and possibly earlier versions.

What type of attack does CVE-2002-0935 enable?

CVE-2002-0935 allows remote attackers to perform a denial of service attack by sending multiple requests with null characters.

When was CVE-2002-0935 disclosed?

CVE-2002-0935 was disclosed in 2002.

Vulnerability/
CVE-2002-0935

medium

CWE

NVD-CWE-Other 400

4/10/2002

2/4/2003

30/4/2022

8/8/2024

CVE-2002-0935

First published: Fri Oct 04 2002(Updated: )

Apache Tomcat 4.0.3, and possibly other versions before 4.1.3 beta, allows remote attackers to cause a denial of service (resource exhaustion) via a large number of requests to the server with null characters, which causes the working threads to hang.

Credit: cve@mitre.org cve@mitre.org cve@mitre.org

Affected Software	Affected Version	How to fix
Apache Tomcat	=4.0.3
maven/org.apache.tomcat:tomcat	<4.1.3-beta	4.1.3-beta

Remedy

http://www.iss.net/security_center/static/9396.php

Remedy

http://www.securityfocus.com/bid/5067

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2002-0935?
CVE-2002-0935 is classified as a denial of service vulnerability, which can lead to resource exhaustion.
How do I fix CVE-2002-0935?
To mitigate CVE-2002-0935, it is recommended to upgrade Apache Tomcat to version 4.1.3-beta or later.
Who is affected by CVE-2002-0935?
CVE-2002-0935 affects Apache Tomcat version 4.0.3 and possibly earlier versions.
What type of attack does CVE-2002-0935 enable?
CVE-2002-0935 allows remote attackers to perform a denial of service attack by sending multiple requests with null characters.
When was CVE-2002-0935 disclosed?
CVE-2002-0935 was disclosed in 2002.

collector/nvd-historical
collector/nvd-index
collector/nvd-api
agent/type
agent/remedy
agent/first-publish-date
collector/github-advisory-latest
source/GitHub
alias/GHSA-xmf4-j3j7-xj7q
alias/CVE-2002-0935
agent/software-canonical-lookup
collector/nvd-cve
source/NVD
agent/weakness
agent/severity
agent/author
agent/references
agent/description
agent/softwarecombine
collector/github-advisory
collector/mitre-cve
source/MITRE
agent/last-modified-date
agent/event
agent/trending
agent/tags
agent/source
vendor/apache
canonical/apache tomcat
version/apache tomcat/4.0.3
package-manager/maven

Frequently Asked Questions

What is the severity of CVE-2002-0935?
CVE-2002-0935 is classified as a denial of service vulnerability, which can lead to resource exhaustion.
How do I fix CVE-2002-0935?
To mitigate CVE-2002-0935, it is recommended to upgrade Apache Tomcat to version 4.1.3-beta or later.
Who is affected by CVE-2002-0935?
CVE-2002-0935 affects Apache Tomcat version 4.0.3 and possibly earlier versions.
What type of attack does CVE-2002-0935 enable?
CVE-2002-0935 allows remote attackers to perform a denial of service attack by sending multiple requests with null characters.
When was CVE-2002-0935 disclosed?
CVE-2002-0935 was disclosed in 2002.

CVE-2002-0935

Remedy

Remedy

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2002-0935?

How do I fix CVE-2002-0935?

Who is affected by CVE-2002-0935?

What type of attack does CVE-2002-0935 enable?

When was CVE-2002-0935 disclosed?

Company

Resources

Contact

Frequently Asked Questions

What is the severity of CVE-2002-0935?

How do I fix CVE-2002-0935?

Who is affected by CVE-2002-0935?

What type of attack does CVE-2002-0935 enable?

When was CVE-2002-0935 disclosed?