HTTP: Apache Tomcat Server AJP12 Shutdown DoS
This signature detects attempts to send commands to the Apache Tomcat AJP12 Connector process. This process has no authentication and can be used to shut down the Web-server.
Extended Description
Apache Tomcat 4 has been reported prone to a remotely triggered denial-of-service vulnerability when handling undisclosed non-HTTP request types. When certain non-HTTP request types are handled by the Tomcat HTTP connector, the Tomcat server will reject subsequent requests on the affected port until the service is restarted.
Affected Products
Sun solaris
References
BugTraq: 8824
CVE: CVE-2005-0808
URL: http://jakarta.apache.org/tomcat/ http://www.debian.org/security/2003/dsa-395 http://www.kb.cert.org/vuls/id/JGEI-6A2LEF
Short Name
HTTP:TOMCAT:AJP12-SHUTDOWN
Severity
Minor
Recommended
False
Recommended Action
Drop
Category
HTTP
Keywords
AJP12 Apache CVE-2005-0808 DoS Server Shutdown Tomcat bid:8824
Release Date
12/17/2004
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3339
False Positive
Unknown
Vendors
Sun
CVSS Score
5.0