JVN/CVE Demo: Nvdinfos

NVD

Id: 47382
Name: CVE-2009-0033
Description: Apache Tomcat 4.1.0 through 4.1.39, 5.5.0 through 5.5.27, and 6.0.0 through 6.0.18, when the Java AJP connector and mod_jk load balancing are used, allows remote attackers to cause a denial of service (application outage) via a crafted request with invalid headers, related to temporary blocking of connectors that have encountered errors, as demonstrated by an error involving a malformed HTTP Host header.
Reject
CVSS Version: 2
CVSS Score: 5
Severity: Medium
CVSS Base Score: 5
CVSS Impact Subscore: 2.9
CVSS Exploit Subscore: 10
CVSS Vector: (AV:N/AC:L/Au:N/C:N/I:N/A:P)
Pub Date: 2017-01-07
Published: 2009-06-05
Modified Date: 2016-08-22
Seq: 2009-0033

Actions

Related NVD References

Id	NVD Id	NVD No.	Reference	Actions
236973	47382	CVE-2009-0033	JVN#87272440	View
236974	47382	CVE-2009-0033	APPLE-SA-2010-03-29-1	View
236975	47382	CVE-2009-0033	SUSE-SR:2009:012	View
236976	47382	CVE-2009-0033	SSRT100029	View
236977	47382	CVE-2009-0033	HPSBUX02579	View
236978	47382	CVE-2009-0033	SSRT100825	View
236979	47382	CVE-2009-0033	HPSBUX02860	View
236980	47382	CVE-2009-0033	oval:org.mitre.oval:def:10231	View
236981	47382	CVE-2009-0033	oval:org.mitre.oval:def:19110	View
236982	47382	CVE-2009-0033	oval:org.mitre.oval:def:5739	View
236983	47382	CVE-2009-0033	1022331	View
236984	47382	CVE-2009-0033	263529	View
236985	47382	CVE-2009-0033	http://support.apple.com/kb/HT4077	View
236986	47382	CVE-2009-0033	http://svn.apache.org/viewvc?rev=742915&view=rev	View
236987	47382	CVE-2009-0033	http://svn.apache.org/viewvc?rev=781362&view=rev	View
236988	47382	CVE-2009-0033	http://tomcat.apache.org/security-4.html	View
236989	47382	CVE-2009-0033	http://tomcat.apache.org/security-5.html	View
236990	47382	CVE-2009-0033	http://tomcat.apache.org/security-6.html	View
236991	47382	CVE-2009-0033	DSA-2207	View
236992	47382	CVE-2009-0033	MDVSA-2009:136	View
236993	47382	CVE-2009-0033	MDVSA-2009:138	View
236994	47382	CVE-2009-0033	MDVSA-2010:176	View
236995	47382	CVE-2009-0033	20090603 [SECURITY] CVE-2009-0033 Apache Tomcat DoS when using Java AJP connector	View
236996	47382	CVE-2009-0033	20091120 VMSA-2009-0016 VMware vCenter and ESX update release and vMA patch release address multiple security issue in third party components	View
236997	47382	CVE-2009-0033	35193	View
236998	47382	CVE-2009-0033	http://www.vmware.com/security/advisories/VMSA-2009-0016.html	View
236999	47382	CVE-2009-0033	ADV-2009-1496	View
237000	47382	CVE-2009-0033	ADV-2009-1856	View
237001	47382	CVE-2009-0033	ADV-2009-3316	View
237002	47382	CVE-2009-0033	ADV-2010-3056	View
237003	47382	CVE-2009-0033	tomcat-ajp-dos(50928)	View
237004	47382	CVE-2009-0033	FEDORA-2009-11374	View
237005	47382	CVE-2009-0033	FEDORA-2009-11352	View
237006	47382	CVE-2009-0033	FEDORA-2009-11356	View

Related JVN

Id	Name	Title	Summary	Cveinfo Name	Cveinfo Id	Nvdinfo Name	Nvdinfo Id	Cvssv2	Cvssv3	Jvnurl	Published Date	Last Updated Date	Actions
39952	JVNDB-2009-000037	Apache Tomcat におけるサービス運用妨害（DoS）の脆弱性	The Apache Software Foundation が提供する Apache Tomcat には、サービス運用妨害（DoS）の脆弱性が存在します。	CVE-2009-0033	37464	CVE-2009-0033	47382	4.3		http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-000037.html	2009-06-09	2012-09-28	View

Message	Memory use
Component initialization	1.39 MB
Controller action start	1.49 MB
Controller render start	2.33 MB
View render complete	21.32 MB

Message	Time in ms	Graph
Core Processing (Derived from $_SERVER["REQUEST_TIME"])	3.22
Event: Controller.initialize	0.02
Event: Controller.startup	0.07
Controller action	283.63
Event: Controller.beforeRender	5.13
» Processing toolbar data	5.04
Rendering View	840.52
» Event: View.beforeRender	0.02
» Rendering APP/View/Nvdinfos/view.ctp	812.21
» Event: View.afterRender	0.04
» Event: View.beforeLayout	0.02
» Rendering APP/View/Layouts/default.ctp	17.06
» » Rendering CORE/Cake/View/Elements/sql_dump.ctp	5.39
Event: View.afterLayout	0.00

Constant	Value
APP	/virtual/inogo77/public_html/jvn/app/
APP_DIR	app
APPLIBS	/virtual/inogo77/public_html/jvn/app/Lib/
CACHE	/virtual/inogo77/public_html/jvn/app/tmp/cache/
CAKE	/virtual/inogo77/public_html/jvn/lib/Cake/
CAKE_CORE_INCLUDE_PATH	/virtual/inogo77/public_html/jvn/lib
CORE_PATH	/virtual/inogo77/public_html/jvn/lib/
CAKE_VERSION	2.6.0
CSS	/virtual/inogo77/public_html/jvn/app/webroot/css/
CSS_URL	css/
DS	/
FULL_BASE_URL	http://inogo77.s500.xrea.com
IMAGES	/virtual/inogo77/public_html/jvn/app/webroot/img/
IMAGES_URL	img/
JS	/virtual/inogo77/public_html/jvn/app/webroot/js/
JS_URL	js/
LOGS	/virtual/inogo77/public_html/jvn/app/tmp/logs/
ROOT	/virtual/inogo77/public_html/jvn
TESTS	/virtual/inogo77/public_html/jvn/app/Test/
TMP	/virtual/inogo77/public_html/jvn/app/tmp/
VENDORS	/virtual/inogo77/public_html/jvn/vendors/
WEBROOT_DIR	webroot
WWW_ROOT	/virtual/inogo77/public_html/jvn/app/webroot/

Environment Variable	Value
Php Version	5.6.40
Phprc	php56.ini
Php Fcgi Children	1
Pwd	/virtual/inogo77/public_html/.fast-cgi-bin
Php Fcgi Max Requests	10000
Shlvl	0
Path	/usr/local/rvm/gems/ruby-3.0.2/bin:/usr/local/rvm/gems/ruby-3.0.2@global/bin:/usr/local/rvm/rubies/ruby-3.0.2/bin:/usr/share/Modules/bin:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/usr/local/rvm/bin:/var/lib/snapd/snap/bin:/root/bin:/sbin:/usr/local/bin
Script Name	/jvn/app/webroot/index.php
Request Uri	/jvn/nvdinfos/view/47382
Query String
Request Method	GET
Server Protocol	HTTP/1.1
Gateway Interface	CGI/1.1
Redirect Url	/jvn/app/webroot/nvdinfos/view/47382
Remote Port	60681
Script Filename	/virtual/inogo77/public_html/jvn/app/webroot/index.php
Server Admin	[no address given]
Context Document Root	/virtual/inogo77/public_html
Context Prefix
Request Scheme	http
Document Root	/virtual/inogo77/public_html
Remote Addr	216.73.216.20
Server Port	80
Server Addr	160.251.151.205
Server Name	inogo77.s500.xrea.com
Server Software	Apache
Server Signature
Ld Library Path	/usr/local/apache24/lib
Http Connection	close
Http Cache Control	max-age=259200
Http X Forwarded For	10.3.164.112
Http Via	1.1 squid-proxy-75b5465b89-nxkw8 (squid/6.10)
Http Host	inogo77.s500.xrea.com
Http Accept Encoding	gzip, br, zstd, deflate
Http Cookie	advanced-frontend=ibichek8s8i3gnfos6i964avc7
Http User Agent	Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; +claudebot@anthropic.com)
Http Accept	/
Gem Home	/usr/local/rvm/gems/ruby-2.3.0
X Dostranslated Ip	216.73.216.20
Mm Country Code	US
Mmdb Info	result found
Mmdb Addr	216.73.216.20
Unique Id	aC-luYp3jFRIAbC6WXBjxAAAAYU
Redirect Status	200
Redirect Gem Home	/usr/local/rvm/gems/ruby-2.3.0
Redirect X Dostranslated Ip	216.73.216.20
Redirect Mm Country Code	US
Redirect Mmdb Info	result found
Redirect Mmdb Addr	216.73.216.20
Redirect Unique Id	aC-luYp3jFRIAbC6WXBjxAAAAYU
Redirect Redirect Status	200
Redirect Redirect Gem Home	/usr/local/rvm/gems/ruby-2.3.0
Redirect Redirect X Dostranslated Ip	216.73.216.20
Redirect Redirect Mm Country Code	US
Redirect Redirect Mmdb Info	result found
Redirect Redirect Mmdb Addr	216.73.216.20
Redirect Redirect Unique Id	aC-luYp3jFRIAbC6WXBjxAAAAYU
Fcgi Role	RESPONDER
Php Self	/jvn/app/webroot/index.php
Request Time Float	1747953081.795
Request Time	1747953081

NVD

Actions

Related NVD References

Related JVN

Request History

Session

Request

Cake Params

Post data

Query string

Cookie

Current Route

Sql Logs

default

Memory

Timers

Logs

View Variables

App Constants

CakePHP Constants

PHP Environment

Included Files

Include Paths

Included Files