CVE-2002-0936

Apache Tomcat - Denial of Service

Title source: rule

Description

The Java Server Pages (JSP) engine in Tomcat allows web page owners to cause a denial of service (engine crash) on the web server via a JSP page that calls WPrinterJob().pageSetup(null,null).

Exploits (3)

nomisec NO CODE

by omarsallam2309-star · poc

https://github.com/omarsallam2309-star/Full-Attack-Lifecycle-Simulation-on-Metasploitable

View Code ZIP pw:eip

nomisec NO CODE

by om4rsallam · poc

https://github.com/om4rsallam/Full-Attack-Lifecycle-Simulation-on-Metasploitable

View Code ZIP pw:eip

exploitdb WORKING POC VERIFIED

by Marc Schoenefeld · doslinux

https://www.exploit-db.com/exploits/21534

View Code ZIP pw:eip

References (7)

[Various Sources] http://tomcat.apache.org/security-4.html

[Vendor Advisory] http://www.iss.net/security_center/static/9339.php

[Exploit, Vendor Advisory] http://www.securityfocus.com/bid/4995

[Third Party Advisory] http://archives.neohapsis.com/archives/vulnwatch/2002-q2/0095.html

[Mailing List] https://lists.apache.org/thread.html/29dc6c2b625789e70a9c4756b5a327e6547273ff8bde7e0327af48c5%40%3Cdev.tomcat.apache.org%3E

[Mailing List] https://lists.apache.org/thread.html/c62b0e3a7bf23342352a5810c640a94b6db69957c5c19db507004d74%40%3Cdev.tomcat.apache.org%3E

[Mailing List] https://lists.apache.org/thread.html/rb71997f506c6cc8b530dd845c084995a9878098846c7b4eacfae8db3%40%3Cdev.tomcat.apache.org%3E

Scores

EPSS 0.0827

EPSS Percentile 92.1%

Classification

Status draft

Affected Products (1)

apache/tomcat

Timeline

Published Oct 04, 2002

Tracked Since Feb 18, 2026