Vulnerabilites related to FUJITSU - Campusmate/Portal
jvndb-2005-000804
Vulnerability from jvndb
Published
2008-05-21 00:00
Modified
2008-07-07 18:04
Severity ?
() - -
Summary
Tomcat vulnerable in request processing
Details
Apache Tomcat, an implementation of the Java Servlet and JavaServer Pages technologies, contains a vulnerability in processing specific requests. To avoid this vulnerability, use the connectors other than AJP 1.3 Connector when connecting Apache Tomcat to a web server. Apache Tomcat supports Coyote JK Connector and Coyote HTTP/1.1 Connector.
References
JVN http://jvn.jp/en/jp/JVN79314822/index.html
CVE http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3164
NVD http://nvd.nist.gov/nvd.cfm?cvename=CVE-2005-3164
SECUNIA http://secunia.com/advisories/17019
BID http://www.securityfocus.com/bid/15003
Information Exposure(CWE-200) https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html
Impacted products
Apache Software FoundationApache Tomcat
FUJITSUCampusmate/Portal
FUJITSUInternet Navigware Server
FUJITSUInterstage Application Framework Suite
FUJITSUInterstage Application Server
FUJITSUInterstage Business Application Server
FUJITSUInterstage Job Workload Server
FUJITSUInterstage List Manager
Hitachi, LtdCosminexus Application Server
Hitachi, LtdCosminexus Developer
Hitachi, LtdCosminexus Primary Server
Hitachi, LtdEmbedded Cosminexus Server
NEC CorporationWebOTX Application Server
NEC CorporationWebSAM SystemManager
NEC CorporationSpectral Wave Manager Series
Apple Inc.Apple Mac OS X
Apple Inc.Apple Mac OS X Server
Cybertrust Japan Co., Ltd.Asianux Server
Sun Microsystems, Inc.Sun Solaris
Show details on JVN DB website

To clipboard 

{
   "@rdf:about": "https://jvndb.jvn.jp/en/contents/2005/JVNDB-2005-000804.html",
   "dc:date": "2008-07-07T18:04+09:00",
   "dcterms:issued": "2008-05-21T00:00+09:00",
   "dcterms:modified": "2008-07-07T18:04+09:00",
   description: "Apache Tomcat, an implementation of the Java Servlet and JavaServer Pages technologies, contains a vulnerability in processing specific requests.\r\n\r\nTo avoid this vulnerability, use the connectors other than AJP 1.3 Connector when connecting Apache Tomcat to a web server. Apache Tomcat supports Coyote JK Connector and Coyote HTTP/1.1 Connector.",
   link: "https://jvndb.jvn.jp/en/contents/2005/JVNDB-2005-000804.html",
   "sec:cpe": [
      {
         "#text": "cpe:/a:apache:tomcat",
         "@product": "Apache Tomcat",
         "@vendor": "Apache Software Foundation",
         "@version": "2.2",
      },
      {
         "#text": "cpe:/a:fujitsu:campusmate_portal",
         "@product": "Campusmate/Portal",
         "@vendor": "FUJITSU",
         "@version": "2.2",
      },
      {
         "#text": "cpe:/a:fujitsu:internet_navigware_server",
         "@product": "Internet Navigware Server",
         "@vendor": "FUJITSU",
         "@version": "2.2",
      },
      {
         "#text": "cpe:/a:fujitsu:interstage_application_framework_suite",
         "@product": "Interstage Application Framework Suite",
         "@vendor": "FUJITSU",
         "@version": "2.2",
      },
      {
         "#text": "cpe:/a:fujitsu:interstage_application_server",
         "@product": "Interstage Application Server",
         "@vendor": "FUJITSU",
         "@version": "2.2",
      },
      {
         "#text": "cpe:/a:fujitsu:interstage_business_application_server",
         "@product": "Interstage Business Application Server",
         "@vendor": "FUJITSU",
         "@version": "2.2",
      },
      {
         "#text": "cpe:/a:fujitsu:interstage_job_workload_server",
         "@product": "Interstage Job Workload Server",
         "@vendor": "FUJITSU",
         "@version": "2.2",
      },
      {
         "#text": "cpe:/a:fujitsu:interstage_list_manager",
         "@product": "Interstage List Manager",
         "@vendor": "FUJITSU",
         "@version": "2.2",
      },
      {
         "#text": "cpe:/a:hitachi:cosminexus_application_server",
         "@product": "Cosminexus Application Server",
         "@vendor": "Hitachi, Ltd",
         "@version": "2.2",
      },
      {
         "#text": "cpe:/a:hitachi:cosminexus_developer",
         "@product": "Cosminexus Developer",
         "@vendor": "Hitachi, Ltd",
         "@version": "2.2",
      },
      {
         "#text": "cpe:/a:hitachi:cosminexus_primary_server",
         "@product": "Cosminexus Primary Server",
         "@vendor": "Hitachi, Ltd",
         "@version": "2.2",
      },
      {
         "#text": "cpe:/a:hitachi:embedded_cosminexus_server",
         "@product": "Embedded Cosminexus Server",
         "@vendor": "Hitachi, Ltd",
         "@version": "2.2",
      },
      {
         "#text": "cpe:/a:nec:webotx_application_server",
         "@product": "WebOTX Application Server",
         "@vendor": "NEC Corporation",
         "@version": "2.2",
      },
      {
         "#text": "cpe:/a:nec:websam_systemmanager",
         "@product": "WebSAM SystemManager",
         "@vendor": "NEC Corporation",
         "@version": "2.2",
      },
      {
         "#text": "cpe:/h:nec:spectral_wave_manager",
         "@product": "Spectral Wave Manager Series",
         "@vendor": "NEC Corporation",
         "@version": "2.2",
      },
      {
         "#text": "cpe:/o:apple:mac_os_x",
         "@product": "Apple Mac OS X",
         "@vendor": "Apple Inc.",
         "@version": "2.2",
      },
      {
         "#text": "cpe:/o:apple:mac_os_x_server",
         "@product": "Apple Mac OS X Server",
         "@vendor": "Apple Inc.",
         "@version": "2.2",
      },
      {
         "#text": "cpe:/o:misc:miraclelinux_asianux_server",
         "@product": "Asianux Server",
         "@vendor": "Cybertrust Japan Co., Ltd.",
         "@version": "2.2",
      },
      {
         "#text": "cpe:/o:sun:solaris",
         "@product": "Sun Solaris",
         "@vendor": "Sun Microsystems, Inc.",
         "@version": "2.2",
      },
   ],
   "sec:cvss": {
      "@score": "2.6",
      "@severity": "Low",
      "@type": "Base",
      "@vector": "AV:N/AC:H/Au:N/C:N/I:P/A:N",
      "@version": "2.0",
   },
   "sec:identifier": "JVNDB-2005-000804",
   "sec:references": [
      {
         "#text": "http://jvn.jp/en/jp/JVN79314822/index.html",
         "@id": "JVN#79314822",
         "@source": "JVN",
      },
      {
         "#text": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3164",
         "@id": "CVE-2005-3164",
         "@source": "CVE",
      },
      {
         "#text": "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2005-3164",
         "@id": "CVE-2005-3164",
         "@source": "NVD",
      },
      {
         "#text": "http://secunia.com/advisories/17019",
         "@id": "SA17019",
         "@source": "SECUNIA",
      },
      {
         "#text": "http://www.securityfocus.com/bid/15003",
         "@id": "15003",
         "@source": "BID",
      },
      {
         "#text": "https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html",
         "@id": "CWE-200",
         "@title": "Information Exposure(CWE-200)",
      },
   ],
   title: "Tomcat vulnerable in request processing",
}