CVE-2005-3510

Published: Nov 6, 2005Modified: Apr 16, 2026

5.0

Vector

AV:N/AC:L/Au:N/C:N/I:N/A:P

Exploitability: 10.0 / Impact: 2.9

Source: NVD

Description

Apache Tomcat 5.5.0 to 5.5.11 allows remote attackers to cause a denial of service (CPU consumption) via a large number of simultaneous requests to list a web directory that has a large number of files.

Affected (12)

Products: Apache: Tomcat

1 product

Configuration A

12 vulnerable

Vulnerable Software	Affected Versions
Apache Tomcat	Version 5.5.0
Apache Tomcat	Version 5.5.10
Apache Tomcat	Version 5.5.11
Apache Tomcat	Version 5.5.1
Apache Tomcat	Version 5.5.2
Apache Tomcat	Version 5.5.3
Apache Tomcat	Version 5.5.4
Apache Tomcat	Version 5.5.5
Apache Tomcat	Version 5.5.6
Apache Tomcat	Version 5.5.7
Apache Tomcat	Version 5.5.8
Apache Tomcat	Version 5.5.9

References (44)

http://community.ca.com/blogs/casecurityresponseblog/archive/2009/01/23.aspx

Source: cve@mitre.org

http://secunia.com/advisories/17416

Source: cve@mitre.org

Vendor Advisory

http://secunia.com/advisories/30899

Source: cve@mitre.org

http://secunia.com/advisories/30908

Source: cve@mitre.org

http://secunia.com/advisories/33668

Source: cve@mitre.org

http://securitytracker.com/id?1015147

Source: cve@mitre.org

PatchVendor Advisory

http://sunsolve.sun.com/search/document.do?assetkey=1-26-239312-1

Source: cve@mitre.org

http://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=197540

Source: cve@mitre.org

http://tomcat.apache.org/security-4.html

Source: cve@mitre.org

http://tomcat.apache.org/security-5.html

Source: cve@mitre.org

http://www.osvdb.org/20439

Source: cve@mitre.org

http://www.redhat.com/support/errata/RHSA-2006-0161.html

Source: cve@mitre.org

http://www.redhat.com/support/errata/RHSA-2008-0261.html

Source: cve@mitre.org

http://www.securityfocus.com/archive/1/415782/30/0/threaded

Source: cve@mitre.org

http://www.securityfocus.com/archive/1/500396/100/0/threaded

Source: cve@mitre.org

http://www.securityfocus.com/archive/1/500412/100/0/threaded

Source: cve@mitre.org

http://www.securityfocus.com/bid/15325

Source: cve@mitre.org

http://www.vupen.com/english/advisories/2008/1979/references

Source: cve@mitre.org

http://www.vupen.com/english/advisories/2009/0233

Source: cve@mitre.org

https://lists.apache.org/thread.html/29dc6c2b625789e70a9c4756b5a327e6547273ff8bde7e0327af48c5%40%3Cdev.tomcat.apache.org%3E

Source: cve@mitre.org

https://lists.apache.org/thread.html/c62b0e3a7bf23342352a5810c640a94b6db69957c5c19db507004d74%40%3Cdev.tomcat.apache.org%3E

Source: cve@mitre.org

https://lists.apache.org/thread.html/rb71997f506c6cc8b530dd845c084995a9878098846c7b4eacfae8db3%40%3Cdev.tomcat.apache.org%3E

Source: cve@mitre.org

http://community.ca.com/blogs/casecurityresponseblog/archive/2009/01/23.aspx

Source: af854a3a-2127-422b-91ae-364da2661108

http://secunia.com/advisories/17416

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

http://secunia.com/advisories/30899

Source: af854a3a-2127-422b-91ae-364da2661108

http://secunia.com/advisories/30908

Source: af854a3a-2127-422b-91ae-364da2661108

http://secunia.com/advisories/33668

Source: af854a3a-2127-422b-91ae-364da2661108

http://securitytracker.com/id?1015147

Source: af854a3a-2127-422b-91ae-364da2661108

PatchVendor Advisory

http://sunsolve.sun.com/search/document.do?assetkey=1-26-239312-1

Source: af854a3a-2127-422b-91ae-364da2661108

http://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=197540

Source: af854a3a-2127-422b-91ae-364da2661108

http://tomcat.apache.org/security-4.html

Source: af854a3a-2127-422b-91ae-364da2661108

http://tomcat.apache.org/security-5.html

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.osvdb.org/20439

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.redhat.com/support/errata/RHSA-2006-0161.html

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.redhat.com/support/errata/RHSA-2008-0261.html

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.securityfocus.com/archive/1/415782/30/0/threaded

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.securityfocus.com/archive/1/500396/100/0/threaded

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.securityfocus.com/archive/1/500412/100/0/threaded

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.securityfocus.com/bid/15325

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.vupen.com/english/advisories/2008/1979/references

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.vupen.com/english/advisories/2009/0233

Source: af854a3a-2127-422b-91ae-364da2661108

https://lists.apache.org/thread.html/29dc6c2b625789e70a9c4756b5a327e6547273ff8bde7e0327af48c5%40%3Cdev.tomcat.apache.org%3E

Source: af854a3a-2127-422b-91ae-364da2661108

https://lists.apache.org/thread.html/c62b0e3a7bf23342352a5810c640a94b6db69957c5c19db507004d74%40%3Cdev.tomcat.apache.org%3E

Source: af854a3a-2127-422b-91ae-364da2661108

https://lists.apache.org/thread.html/rb71997f506c6cc8b530dd845c084995a9878098846c7b4eacfae8db3%40%3Cdev.tomcat.apache.org%3E

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.