fkie_cve-2004-2381
Vulnerability from fkie_nvd
Published
2004-12-31 05:00
Modified
2024-11-20 23:53
Severity ?
Summary
HttpRequest.java in Jetty HTTP Server before 4.2.19 allows remote attackers to cause denial of service (memory usage and application crash) via HTTP requests with a large Content-Length.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:jetty:jetty_http_server:4.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D9B24CDC-1E5B-47C9-8192-F0D1116D90A3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:jetty:jetty_http_server:4.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "F45803E0-D1A7-400D-9CA5-50253AC32401",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:jetty:jetty_http_server:4.0.1_rc0:*:*:*:*:*:*:*",
"matchCriteriaId": "EA393091-0662-48B2-8907-99F26477244C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:jetty:jetty_http_server:4.0.1_rc1:*:*:*:*:*:*:*",
"matchCriteriaId": "22D6CFD2-DBAF-4B4A-B235-98BB4826DBF8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:jetty:jetty_http_server:4.0.1_rc2:*:*:*:*:*:*:*",
"matchCriteriaId": "E0CB88D1-A7C1-47A4-9478-B47D945B3905",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:jetty:jetty_http_server:4.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "7F059700-FAAF-4F9B-9973-C79A0F6D8299",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:jetty:jetty_http_server:4.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "3446B000-66B2-42F7-B16D-1D0F06B5A874",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:jetty:jetty_http_server:4.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "C0E83837-A974-42B8-8E0B-2DCFE55F6B7B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:jetty:jetty_http_server:4.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "38AD7BA2-57EA-42DA-9CFE-FED77A912FFA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:jetty:jetty_http_server:4.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "71842778-8CE8-4545-B527-994D4BEB92AD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:jetty:jetty_http_server:4.0.b0:*:*:*:*:*:*:*",
"matchCriteriaId": "464C37F4-F1EC-4827-8C02-0F7253A29FCB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:jetty:jetty_http_server:4.0.b1:*:*:*:*:*:*:*",
"matchCriteriaId": "81965444-CC2B-4002-A7FB-D3EE91AC4AB7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:jetty:jetty_http_server:4.0.b2:*:*:*:*:*:*:*",
"matchCriteriaId": "CB7A0330-CDC2-4D95-BF70-E846C480C025",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:jetty:jetty_http_server:4.0.d0:*:*:*:*:*:*:*",
"matchCriteriaId": "5E4A7F11-5826-45BE-9E69-717BCE5DAF45",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:jetty:jetty_http_server:4.0.d1:*:*:*:*:*:*:*",
"matchCriteriaId": "E4528F32-6D57-46CF-B9CF-EB6097033477",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:jetty:jetty_http_server:4.0.d2:*:*:*:*:*:*:*",
"matchCriteriaId": "5DE9B195-5072-4CA6-984B-A97398789131",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:jetty:jetty_http_server:4.0.d3:*:*:*:*:*:*:*",
"matchCriteriaId": "B156DC85-BD41-49CD-995E-5F144934BE74",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:jetty:jetty_http_server:4.0.d4:*:*:*:*:*:*:*",
"matchCriteriaId": "F6C484A2-DDBF-4BEC-89D1-EED071680AE1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:jetty:jetty_http_server:4.0_rc1:*:*:*:*:*:*:*",
"matchCriteriaId": "A338593D-C6A7-429C-B440-26F3CCC54C68",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:jetty:jetty_http_server:4.0_rc2:*:*:*:*:*:*:*",
"matchCriteriaId": "94FADCB4-DE60-463D-8B59-7392CD734603",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:jetty:jetty_http_server:4.0_rc3:*:*:*:*:*:*:*",
"matchCriteriaId": "65CD5D1D-259D-4CA5-A07C-ECEBE8540265",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:jetty:jetty_http_server:4.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "85E64C7C-84FA-4AF0-ADA3-3708DADF35C2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:jetty:jetty_http_server:4.1.0_rc0:*:*:*:*:*:*:*",
"matchCriteriaId": "641E07B7-6433-41D5-B420-29FA254F2D27",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:jetty:jetty_http_server:4.1.0_rc1:*:*:*:*:*:*:*",
"matchCriteriaId": "268613F8-F1D5-4691-A8B9-6AD7B639D4E0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:jetty:jetty_http_server:4.1.0_rc2:*:*:*:*:*:*:*",
"matchCriteriaId": "CC344802-D51B-4256-B52A-29789ACCF4EB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:jetty:jetty_http_server:4.1.0_rc3:*:*:*:*:*:*:*",
"matchCriteriaId": "79B4593B-8780-4774-BC1B-923824AB7B7E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:jetty:jetty_http_server:4.1.0_rc4:*:*:*:*:*:*:*",
"matchCriteriaId": "FD27A440-D06A-47D5-97FF-4B56EDD3E8B0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:jetty:jetty_http_server:4.1.0_rc5:*:*:*:*:*:*:*",
"matchCriteriaId": "1651BA40-57D1-40BC-AAFE-4ECE34FF1254",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:jetty:jetty_http_server:4.1.0_rc6:*:*:*:*:*:*:*",
"matchCriteriaId": "C62CDC27-A264-4E8E-894D-92AD10DC8C01",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:jetty:jetty_http_server:4.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "35508567-7C83-4C4B-961B-1BE9B8F3D1D8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:jetty:jetty_http_server:4.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "16AF5579-7763-4851-B7A2-B50A4D589AD2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:jetty:jetty_http_server:4.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "44BED546-DD64-457E-B93A-CD2069C2068B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:jetty:jetty_http_server:4.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "83D7E37B-448A-4B49-ABC7-57253B43126C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:jetty:jetty_http_server:4.1.b0:*:*:*:*:*:*:*",
"matchCriteriaId": "07346177-D7DE-4545-8BB1-D64D1BDBAAAA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:jetty:jetty_http_server:4.1.b1:*:*:*:*:*:*:*",
"matchCriteriaId": "65225643-46E4-4B93-BF3A-29DC98BBA92C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:jetty:jetty_http_server:4.1.d0:*:*:*:*:*:*:*",
"matchCriteriaId": "DF6E1FE3-A09D-4593-A3DA-7700D5021EB3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:jetty:jetty_http_server:4.1.d1:*:*:*:*:*:*:*",
"matchCriteriaId": "50D5991E-8CAE-4FDC-A4D7-79D14BB2A4D5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:jetty:jetty_http_server:4.1.d2:*:*:*:*:*:*:*",
"matchCriteriaId": "0D93288E-4ED1-4F4D-875A-AA85F6B853C6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:jetty:jetty_http_server:4.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "33B61642-A3F1-4F13-8A3F-A369E1D47F1C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:jetty:jetty_http_server:4.2.0_beta0:*:*:*:*:*:*:*",
"matchCriteriaId": "8575A31A-DD09-494F-895E-1740ABF4F671",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:jetty:jetty_http_server:4.2.0_rc0:*:*:*:*:*:*:*",
"matchCriteriaId": "9622FA39-20BD-4F92-A10A-56B1273A8FAA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:jetty:jetty_http_server:4.2.0_rc1:*:*:*:*:*:*:*",
"matchCriteriaId": "74666A8D-0B36-47BF-8873-267C8FD228E5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:jetty:jetty_http_server:4.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B612838A-DD83-4E67-890E-165692DA4532",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:jetty:jetty_http_server:4.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "247F0030-0598-4ADF-8B5D-91BD7CFF7E44",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:jetty:jetty_http_server:4.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "61AD076A-D4C5-4149-94DE-E43BE78DE83B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:jetty:jetty_http_server:4.2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "C276FEC9-68B0-46BC-92A0-65C3B8401FD2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:jetty:jetty_http_server:4.2.4_rc0:*:*:*:*:*:*:*",
"matchCriteriaId": "937F124D-1CE3-405D-A981-760199DA9ED1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:jetty:jetty_http_server:4.2.5:*:*:*:*:*:*:*",
"matchCriteriaId": "44D01183-FC99-4FD3-965B-38B1FC39048F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:jetty:jetty_http_server:4.2.6:*:*:*:*:*:*:*",
"matchCriteriaId": "A3154BBA-DF19-458F-B8D0-CFCAC7DB366A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:jetty:jetty_http_server:4.2.7:*:*:*:*:*:*:*",
"matchCriteriaId": "512BF3AF-4013-48E7-9546-5052CFBF0B11",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:jetty:jetty_http_server:4.2.8_01:*:*:*:*:*:*:*",
"matchCriteriaId": "9965B682-2CFE-4881-8C0A-26B161731904",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:jetty:jetty_http_server:4.2.9:*:*:*:*:*:*:*",
"matchCriteriaId": "09FD2684-87CF-4B4D-B3D1-7DE43609D2E3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:jetty:jetty_http_server:4.2.9_rc1:*:*:*:*:*:*:*",
"matchCriteriaId": "96E75206-5C22-47CE-ABC4-960C7D80407B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:jetty:jetty_http_server:4.2.9_rc2:*:*:*:*:*:*:*",
"matchCriteriaId": "EA45888D-E2C9-4A17-B699-0C775EFC5FDE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:jetty:jetty_http_server:4.2.10:*:*:*:*:*:*:*",
"matchCriteriaId": "B0DD62AB-DA57-48B6-9D00-1DBCD4AF111E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:jetty:jetty_http_server:4.2.10_pre0:*:*:*:*:*:*:*",
"matchCriteriaId": "3D10D8BC-8C63-45CD-836E-08CC5E6C1676",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:jetty:jetty_http_server:4.2.10_pre1:*:*:*:*:*:*:*",
"matchCriteriaId": "C3E86801-E8C2-4DA3-92FD-F89FBB7B53D8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:jetty:jetty_http_server:4.2.11:*:*:*:*:*:*:*",
"matchCriteriaId": "B82462AC-665D-41C0-B198-AA52784DF4C3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:jetty:jetty_http_server:4.2.12:*:*:*:*:*:*:*",
"matchCriteriaId": "6B21ED45-9C48-4547-BDCE-7EB12B03AAEE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:jetty:jetty_http_server:4.2.14:*:*:*:*:*:*:*",
"matchCriteriaId": "BA62A170-2544-4D3D-8E22-21F35D2E9944",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:jetty:jetty_http_server:4.2.14_rc0:*:*:*:*:*:*:*",
"matchCriteriaId": "A8750DB2-F9CE-4CD6-9C11-733546D56EB1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:jetty:jetty_http_server:4.2.14_rc1:*:*:*:*:*:*:*",
"matchCriteriaId": "1B72963C-FF0B-4F3F-8D93-8C99C1F43460",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:jetty:jetty_http_server:4.2.15:*:*:*:*:*:*:*",
"matchCriteriaId": "DF5CEA1C-1EC7-49D7-9485-FA8773DA2D8A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:jetty:jetty_http_server:4.2.15_rc0:*:*:*:*:*:*:*",
"matchCriteriaId": "991A0243-5F9E-4E2B-8780-F58B17F9F73C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:jetty:jetty_http_server:4.2.16:*:*:*:*:*:*:*",
"matchCriteriaId": "3F68F8E1-BF3C-4C99-BE93-985BB8AD51FF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:jetty:jetty_http_server:4.2.17:*:*:*:*:*:*:*",
"matchCriteriaId": "D0F5EF68-A6FC-4FD7-8C36-4A8623C60622",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:jetty:jetty_http_server:4.2.18:*:*:*:*:*:*:*",
"matchCriteriaId": "858FCD10-5B40-4EA8-BA16-081EFC734695",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "HttpRequest.java in Jetty HTTP Server before 4.2.19 allows remote attackers to cause denial of service (memory usage and application crash) via HTTP requests with a large Content-Length."
}
],
"id": "CVE-2004-2381",
"lastModified": "2024-11-20T23:53:12.887",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2004-12-31T05:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://cvs.sourceforge.net/viewcvs.py/jetty/Jetty/src/org/mortbay/http/HttpRequest.java?r1=1.75\u0026r2=1.76"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/11166/"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://sourceforge.net/project/shownotes.php?release_id=224743"
},
{
"source": "cve@mitre.org",
"url": "http://www.osvdb.org/4387"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/9917"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15537"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://cvs.sourceforge.net/viewcvs.py/jetty/Jetty/src/org/mortbay/http/HttpRequest.java?r1=1.75\u0026r2=1.76"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/11166/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://sourceforge.net/project/shownotes.php?release_id=224743"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.osvdb.org/4387"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/9917"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15537"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.