{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2004-03-18T00:00:00", "descriptions": [{"lang": "en", "value": "HttpRequest.java in Jetty HTTP Server before 4.2.19 allows remote attackers to cause denial of service (memory usage and application crash) via HTTP requests with a large Content-Length."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2017-07-10T14:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"name": "4387", "tags": ["vdb-entry", "x_refsource_OSVDB"], "url": "http://www.osvdb.org/4387"}, {"name": "11166", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/11166/"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://sourceforge.net/project/shownotes.php?release_id=224743"}, {"name": "jetty-dos(15537)", "tags": ["vdb-entry", "x_refsource_XF"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15537"}, {"name": "9917", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/9917"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://cvs.sourceforge.net/viewcvs.py/jetty/Jetty/src/org/mortbay/http/HttpRequest.java?r1=1.75&r2=1.76"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2004-2381", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "HttpRequest.java in Jetty HTTP Server before 4.2.19 allows remote attackers to cause denial of service (memory usage and application crash) via HTTP requests with a large Content-Length."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "4387", "refsource": "OSVDB", "url": "http://www.osvdb.org/4387"}, {"name": "11166", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/11166/"}, {"name": "http://sourceforge.net/project/shownotes.php?release_id=224743", "refsource": "CONFIRM", "url": "http://sourceforge.net/project/shownotes.php?release_id=224743"}, {"name": "jetty-dos(15537)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15537"}, {"name": "9917", "refsource": "BID", "url": "http://www.securityfocus.com/bid/9917"}, {"name": "http://cvs.sourceforge.net/viewcvs.py/jetty/Jetty/src/org/mortbay/http/HttpRequest.java?r1=1.75&r2=1.76", "refsource": "CONFIRM", "url": "http://cvs.sourceforge.net/viewcvs.py/jetty/Jetty/src/org/mortbay/http/HttpRequest.java?r1=1.75&r2=1.76"}]}}}}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2004-2381", "datePublished": "2005-08-16T04:00:00", "dateReserved": "2005-08-16T00:00:00", "dateUpdated": "2017-07-10T14:57:01", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:jetty:jetty_http_server:4.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "D9B24CDC-1E5B-47C9-8192-F0D1116D90A3", "vulnerable": true}, {"criteria": "cpe:2.3:a:jetty:jetty_http_server:4.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "F45803E0-D1A7-400D-9CA5-50253AC32401", "vulnerable": true}, {"criteria": "cpe:2.3:a:jetty:jetty_http_server:4.0.1_rc0:*:*:*:*:*:*:*", "matchCriteriaId": "EA393091-0662-48B2-8907-99F26477244C", "vulnerable": true}, {"criteria": "cpe:2.3:a:jetty:jetty_http_server:4.0.1_rc1:*:*:*:*:*:*:*", "matchCriteriaId": "22D6CFD2-DBAF-4B4A-B235-98BB4826DBF8", "vulnerable": true}, {"criteria": "cpe:2.3:a:jetty:jetty_http_server:4.0.1_rc2:*:*:*:*:*:*:*", "matchCriteriaId": "E0CB88D1-A7C1-47A4-9478-B47D945B3905", "vulnerable": true}, {"criteria": "cpe:2.3:a:jetty:jetty_http_server:4.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "7F059700-FAAF-4F9B-9973-C79A0F6D8299", "vulnerable": true}, {"criteria": "cpe:2.3:a:jetty:jetty_http_server:4.0.3:*:*:*:*:*:*:*", "matchCriteriaId": "3446B000-66B2-42F7-B16D-1D0F06B5A874", "vulnerable": true}, {"criteria": "cpe:2.3:a:jetty:jetty_http_server:4.0.4:*:*:*:*:*:*:*", "matchCriteriaId": "C0E83837-A974-42B8-8E0B-2DCFE55F6B7B", "vulnerable": true}, {"criteria": "cpe:2.3:a:jetty:jetty_http_server:4.0.5:*:*:*:*:*:*:*", "matchCriteriaId": "38AD7BA2-57EA-42DA-9CFE-FED77A912FFA", "vulnerable": true}, {"criteria": "cpe:2.3:a:jetty:jetty_http_server:4.0.6:*:*:*:*:*:*:*", "matchCriteriaId": "71842778-8CE8-4545-B527-994D4BEB92AD", "vulnerable": true}, {"criteria": "cpe:2.3:a:jetty:jetty_http_server:4.0.b0:*:*:*:*:*:*:*", "matchCriteriaId": "464C37F4-F1EC-4827-8C02-0F7253A29FCB", "vulnerable": true}, {"criteria": "cpe:2.3:a:jetty:jetty_http_server:4.0.b1:*:*:*:*:*:*:*", "matchCriteriaId": "81965444-CC2B-4002-A7FB-D3EE91AC4AB7", "vulnerable": true}, {"criteria": "cpe:2.3:a:jetty:jetty_http_server:4.0.b2:*:*:*:*:*:*:*", "matchCriteriaId": "CB7A0330-CDC2-4D95-BF70-E846C480C025", "vulnerable": true}, {"criteria": "cpe:2.3:a:jetty:jetty_http_server:4.0.d0:*:*:*:*:*:*:*", "matchCriteriaId": "5E4A7F11-5826-45BE-9E69-717BCE5DAF45", "vulnerable": true}, {"criteria": "cpe:2.3:a:jetty:jetty_http_server:4.0.d1:*:*:*:*:*:*:*", "matchCriteriaId": "E4528F32-6D57-46CF-B9CF-EB6097033477", "vulnerable": true}, {"criteria": "cpe:2.3:a:jetty:jetty_http_server:4.0.d2:*:*:*:*:*:*:*", "matchCriteriaId": "5DE9B195-5072-4CA6-984B-A97398789131", "vulnerable": true}, {"criteria": "cpe:2.3:a:jetty:jetty_http_server:4.0.d3:*:*:*:*:*:*:*", "matchCriteriaId": "B156DC85-BD41-49CD-995E-5F144934BE74", "vulnerable": true}, {"criteria": "cpe:2.3:a:jetty:jetty_http_server:4.0.d4:*:*:*:*:*:*:*", "matchCriteriaId": "F6C484A2-DDBF-4BEC-89D1-EED071680AE1", "vulnerable": true}, {"criteria": "cpe:2.3:a:jetty:jetty_http_server:4.0_rc1:*:*:*:*:*:*:*", "matchCriteriaId": "A338593D-C6A7-429C-B440-26F3CCC54C68", "vulnerable": true}, {"criteria": "cpe:2.3:a:jetty:jetty_http_server:4.0_rc2:*:*:*:*:*:*:*", "matchCriteriaId": "94FADCB4-DE60-463D-8B59-7392CD734603", "vulnerable": true}, {"criteria": "cpe:2.3:a:jetty:jetty_http_server:4.0_rc3:*:*:*:*:*:*:*", "matchCriteriaId": "65CD5D1D-259D-4CA5-A07C-ECEBE8540265", "vulnerable": true}, {"criteria": "cpe:2.3:a:jetty:jetty_http_server:4.1.0:*:*:*:*:*:*:*", "matchCriteriaId": "85E64C7C-84FA-4AF0-ADA3-3708DADF35C2", "vulnerable": true}, {"criteria": "cpe:2.3:a:jetty:jetty_http_server:4.1.0_rc0:*:*:*:*:*:*:*", "matchCriteriaId": "641E07B7-6433-41D5-B420-29FA254F2D27", "vulnerable": true}, {"criteria": "cpe:2.3:a:jetty:jetty_http_server:4.1.0_rc1:*:*:*:*:*:*:*", "matchCriteriaId": "268613F8-F1D5-4691-A8B9-6AD7B639D4E0", "vulnerable": true}, {"criteria": "cpe:2.3:a:jetty:jetty_http_server:4.1.0_rc2:*:*:*:*:*:*:*", "matchCriteriaId": "CC344802-D51B-4256-B52A-29789ACCF4EB", "vulnerable": true}, {"criteria": "cpe:2.3:a:jetty:jetty_http_server:4.1.0_rc3:*:*:*:*:*:*:*", "matchCriteriaId": "79B4593B-8780-4774-BC1B-923824AB7B7E", "vulnerable": true}, {"criteria": "cpe:2.3:a:jetty:jetty_http_server:4.1.0_rc4:*:*:*:*:*:*:*", "matchCriteriaId": "FD27A440-D06A-47D5-97FF-4B56EDD3E8B0", "vulnerable": true}, {"criteria": "cpe:2.3:a:jetty:jetty_http_server:4.1.0_rc5:*:*:*:*:*:*:*", "matchCriteriaId": "1651BA40-57D1-40BC-AAFE-4ECE34FF1254", "vulnerable": true}, {"criteria": "cpe:2.3:a:jetty:jetty_http_server:4.1.0_rc6:*:*:*:*:*:*:*", "matchCriteriaId": "C62CDC27-A264-4E8E-894D-92AD10DC8C01", "vulnerable": true}, {"criteria": "cpe:2.3:a:jetty:jetty_http_server:4.1.1:*:*:*:*:*:*:*", "matchCriteriaId": "35508567-7C83-4C4B-961B-1BE9B8F3D1D8", "vulnerable": true}, {"criteria": "cpe:2.3:a:jetty:jetty_http_server:4.1.2:*:*:*:*:*:*:*", "matchCriteriaId": "16AF5579-7763-4851-B7A2-B50A4D589AD2", "vulnerable": true}, {"criteria": "cpe:2.3:a:jetty:jetty_http_server:4.1.3:*:*:*:*:*:*:*", "matchCriteriaId": "44BED546-DD64-457E-B93A-CD2069C2068B", "vulnerable": true}, {"criteria": "cpe:2.3:a:jetty:jetty_http_server:4.1.4:*:*:*:*:*:*:*", "matchCriteriaId": "83D7E37B-448A-4B49-ABC7-57253B43126C", "vulnerable": true}, {"criteria": "cpe:2.3:a:jetty:jetty_http_server:4.1.b0:*:*:*:*:*:*:*", "matchCriteriaId": "07346177-D7DE-4545-8BB1-D64D1BDBAAAA", "vulnerable": true}, {"criteria": "cpe:2.3:a:jetty:jetty_http_server:4.1.b1:*:*:*:*:*:*:*", "matchCriteriaId": "65225643-46E4-4B93-BF3A-29DC98BBA92C", "vulnerable": true}, {"criteria": "cpe:2.3:a:jetty:jetty_http_server:4.1.d0:*:*:*:*:*:*:*", "matchCriteriaId": "DF6E1FE3-A09D-4593-A3DA-7700D5021EB3", "vulnerable": true}, {"criteria": "cpe:2.3:a:jetty:jetty_http_server:4.1.d1:*:*:*:*:*:*:*", "matchCriteriaId": "50D5991E-8CAE-4FDC-A4D7-79D14BB2A4D5", "vulnerable": true}, {"criteria": "cpe:2.3:a:jetty:jetty_http_server:4.1.d2:*:*:*:*:*:*:*", "matchCriteriaId": "0D93288E-4ED1-4F4D-875A-AA85F6B853C6", "vulnerable": true}, {"criteria": "cpe:2.3:a:jetty:jetty_http_server:4.2.0:*:*:*:*:*:*:*", "matchCriteriaId": "33B61642-A3F1-4F13-8A3F-A369E1D47F1C", "vulnerable": true}, {"criteria": "cpe:2.3:a:jetty:jetty_http_server:4.2.0_beta0:*:*:*:*:*:*:*", "matchCriteriaId": "8575A31A-DD09-494F-895E-1740ABF4F671", "vulnerable": true}, {"criteria": "cpe:2.3:a:jetty:jetty_http_server:4.2.0_rc0:*:*:*:*:*:*:*", "matchCriteriaId": "9622FA39-20BD-4F92-A10A-56B1273A8FAA", "vulnerable": true}, {"criteria": "cpe:2.3:a:jetty:jetty_http_server:4.2.0_rc1:*:*:*:*:*:*:*", "matchCriteriaId": "74666A8D-0B36-47BF-8873-267C8FD228E5", "vulnerable": true}, {"criteria": "cpe:2.3:a:jetty:jetty_http_server:4.2.1:*:*:*:*:*:*:*", "matchCriteriaId": "B612838A-DD83-4E67-890E-165692DA4532", "vulnerable": true}, {"criteria": "cpe:2.3:a:jetty:jetty_http_server:4.2.2:*:*:*:*:*:*:*", "matchCriteriaId": "247F0030-0598-4ADF-8B5D-91BD7CFF7E44", "vulnerable": true}, {"criteria": "cpe:2.3:a:jetty:jetty_http_server:4.2.3:*:*:*:*:*:*:*", "matchCriteriaId": "61AD076A-D4C5-4149-94DE-E43BE78DE83B", "vulnerable": true}, {"criteria": "cpe:2.3:a:jetty:jetty_http_server:4.2.4:*:*:*:*:*:*:*", "matchCriteriaId": "C276FEC9-68B0-46BC-92A0-65C3B8401FD2", "vulnerable": true}, {"criteria": "cpe:2.3:a:jetty:jetty_http_server:4.2.4_rc0:*:*:*:*:*:*:*", "matchCriteriaId": "937F124D-1CE3-405D-A981-760199DA9ED1", "vulnerable": true}, {"criteria": "cpe:2.3:a:jetty:jetty_http_server:4.2.5:*:*:*:*:*:*:*", "matchCriteriaId": "44D01183-FC99-4FD3-965B-38B1FC39048F", "vulnerable": true}, {"criteria": "cpe:2.3:a:jetty:jetty_http_server:4.2.6:*:*:*:*:*:*:*", "matchCriteriaId": "A3154BBA-DF19-458F-B8D0-CFCAC7DB366A", "vulnerable": true}, {"criteria": "cpe:2.3:a:jetty:jetty_http_server:4.2.7:*:*:*:*:*:*:*", "matchCriteriaId": "512BF3AF-4013-48E7-9546-5052CFBF0B11", "vulnerable": true}, {"criteria": "cpe:2.3:a:jetty:jetty_http_server:4.2.8_01:*:*:*:*:*:*:*", "matchCriteriaId": "9965B682-2CFE-4881-8C0A-26B161731904", "vulnerable": true}, {"criteria": "cpe:2.3:a:jetty:jetty_http_server:4.2.9:*:*:*:*:*:*:*", "matchCriteriaId": "09FD2684-87CF-4B4D-B3D1-7DE43609D2E3", "vulnerable": true}, {"criteria": "cpe:2.3:a:jetty:jetty_http_server:4.2.9_rc1:*:*:*:*:*:*:*", "matchCriteriaId": "96E75206-5C22-47CE-ABC4-960C7D80407B", "vulnerable": true}, {"criteria": "cpe:2.3:a:jetty:jetty_http_server:4.2.9_rc2:*:*:*:*:*:*:*", "matchCriteriaId": "EA45888D-E2C9-4A17-B699-0C775EFC5FDE", "vulnerable": true}, {"criteria": "cpe:2.3:a:jetty:jetty_http_server:4.2.10:*:*:*:*:*:*:*", "matchCriteriaId": "B0DD62AB-DA57-48B6-9D00-1DBCD4AF111E", "vulnerable": true}, {"criteria": "cpe:2.3:a:jetty:jetty_http_server:4.2.10_pre0:*:*:*:*:*:*:*", "matchCriteriaId": "3D10D8BC-8C63-45CD-836E-08CC5E6C1676", "vulnerable": true}, {"criteria": "cpe:2.3:a:jetty:jetty_http_server:4.2.10_pre1:*:*:*:*:*:*:*", "matchCriteriaId": "C3E86801-E8C2-4DA3-92FD-F89FBB7B53D8", "vulnerable": true}, {"criteria": "cpe:2.3:a:jetty:jetty_http_server:4.2.11:*:*:*:*:*:*:*", "matchCriteriaId": "B82462AC-665D-41C0-B198-AA52784DF4C3", "vulnerable": true}, {"criteria": "cpe:2.3:a:jetty:jetty_http_server:4.2.12:*:*:*:*:*:*:*", "matchCriteriaId": "6B21ED45-9C48-4547-BDCE-7EB12B03AAEE", "vulnerable": true}, {"criteria": "cpe:2.3:a:jetty:jetty_http_server:4.2.14:*:*:*:*:*:*:*", "matchCriteriaId": "BA62A170-2544-4D3D-8E22-21F35D2E9944", "vulnerable": true}, {"criteria": "cpe:2.3:a:jetty:jetty_http_server:4.2.14_rc0:*:*:*:*:*:*:*", "matchCriteriaId": "A8750DB2-F9CE-4CD6-9C11-733546D56EB1", "vulnerable": true}, {"criteria": "cpe:2.3:a:jetty:jetty_http_server:4.2.14_rc1:*:*:*:*:*:*:*", "matchCriteriaId": "1B72963C-FF0B-4F3F-8D93-8C99C1F43460", "vulnerable": true}, {"criteria": "cpe:2.3:a:jetty:jetty_http_server:4.2.15:*:*:*:*:*:*:*", "matchCriteriaId": "DF5CEA1C-1EC7-49D7-9485-FA8773DA2D8A", "vulnerable": true}, {"criteria": "cpe:2.3:a:jetty:jetty_http_server:4.2.15_rc0:*:*:*:*:*:*:*", "matchCriteriaId": "991A0243-5F9E-4E2B-8780-F58B17F9F73C", "vulnerable": true}, {"criteria": "cpe:2.3:a:jetty:jetty_http_server:4.2.16:*:*:*:*:*:*:*", "matchCriteriaId": "3F68F8E1-BF3C-4C99-BE93-985BB8AD51FF", "vulnerable": true}, {"criteria": "cpe:2.3:a:jetty:jetty_http_server:4.2.17:*:*:*:*:*:*:*", "matchCriteriaId": "D0F5EF68-A6FC-4FD7-8C36-4A8623C60622", "vulnerable": true}, {"criteria": "cpe:2.3:a:jetty:jetty_http_server:4.2.18:*:*:*:*:*:*:*", "matchCriteriaId": "858FCD10-5B40-4EA8-BA16-081EFC734695", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "HttpRequest.java in Jetty HTTP Server before 4.2.19 allows remote attackers to cause denial of service (memory usage and application crash) via HTTP requests with a large Content-Length."}], "id": "CVE-2004-2381", "lastModified": "2017-07-11T01:31:50.873", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 5.0, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2004-12-31T05:00:00.000", "references": [{"source": "cve@mitre.org", "url": "http://cvs.sourceforge.net/viewcvs.py/jetty/Jetty/src/org/mortbay/http/HttpRequest.java?r1=1.75&r2=1.76"}, {"source": "cve@mitre.org", "tags": ["Patch", "Vendor Advisory"], "url": "http://secunia.com/advisories/11166/"}, {"source": "cve@mitre.org", "tags": ["Patch"], "url": "http://sourceforge.net/project/shownotes.php?release_id=224743"}, {"source": "cve@mitre.org", "url": "http://www.osvdb.org/4387"}, {"source": "cve@mitre.org", "url": "http://www.securityfocus.com/bid/9917"}, {"source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15537"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-Other"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{}