NVD脆弱性詳細

CVE-2008-5519

概要	The JK Connector (aka mod_jk) 1.2.0 through 1.2.26 in Apache Tomcat allows remote attackers to obtain sensitive information via an arbitrary request from an HTTP client, in opportunistic circumstances involving (1) a request from a different client that included a Content-Length header but no POST data or (2) a rapid series of requests, related to noncompliance with the AJP protocol's requirements for requests containing Content-Length headers.
概要	El conector JK (tambien conocido como mod_jk) v1.2.0 hasta la v1.2.26 en Apache Tomcat permite a atacantes remotos obtener información sensible a través de una petición arbitraria desde un cliente HTTP, en circunstancias oportunas implicando (1) una petición desde distintos clientes que incluyan una cabecera con el campo longitud de contenido, pero sin datos en POST, o (2) una serie de peticiones rápidas, relativo a la no conformidad con los requerimientos del protocolo AJP para peticiones que contengan cabeceras con el campo longitud del contenido.
公表日	2009年4月10日0:08
登録日	2021年1月29日13:46
最終更新日	2026年4月23日9:35

CVSS2.0 : LOW
スコア	2.6
ベクター	AV:N/AC:H/Au:N/C:P/I:N/A:N
攻撃元区分(AV)	ネットワーク
攻撃条件の複雑さ(AC)	高
攻撃前の認証要否(Au)	不要
機密性への影響(C)	低
完全性への影響(I)	なし
可用性への影響(A)	なし
全ての特権を取得	いいえ
ユーザー権限を取得	いいえ
その他の権限を取得	いいえ
ユーザー操作が必要	いいえ

影響を受けるソフトウェアの構成

構成1	以上	以下	より上	未満
cpe:2.3:a:apache:mod_jk:1.2:::::::*
cpe:2.3:a:apache:mod_jk:1.2.1:::::::*
cpe:2.3:a:apache:mod_jk:1.2.6:::::::*
cpe:2.3:a:apache:mod_jk:1.2.7:::::::*
cpe:2.3:a:apache:mod_jk:1.2.8:::::::*
cpe:2.3:a:apache:mod_jk:1.2.9:::::::*
cpe:2.3:a:apache:mod_jk:1.2.10:::::::*
cpe:2.3:a:apache:mod_jk:1.2.11:::::::*
cpe:2.3:a:apache:mod_jk:1.2.12:::::::*
cpe:2.3:a:apache:mod_jk:1.2.13:::::::*
cpe:2.3:a:apache:mod_jk:1.2.14:::::::*
cpe:2.3:a:apache:mod_jk:1.2.14.1:::::::*
cpe:2.3:a:apache:mod_jk:1.2.15:::::::*
cpe:2.3:a:apache:mod_jk:1.2.16:::::::*
cpe:2.3:a:apache:mod_jk:1.2.17:::::::*
cpe:2.3:a:apache:mod_jk:1.2.18:::::::*
cpe:2.3:a:apache:mod_jk:1.2.19:::::::*
cpe:2.3:a:apache:mod_jk:1.2.20:::::::*
cpe:2.3:a:apache:mod_jk:1.2.21:::::::*
cpe:2.3:a:apache:mod_jk:1.2.22:::::::*
cpe:2.3:a:apache:mod_jk:1.2.23:::::::*
cpe:2.3:a:apache:mod_jk:1.2.24:::::::*
cpe:2.3:a:apache:mod_jk:1.2.25:::::::*
cpe:2.3:a:apache:mod_jk:1.2.26:::::::*
cpe:2.3:a:apache:tomcat:4.0.0:::::::*
cpe:2.3:a:apache:tomcat:4.0.1:::::::*
cpe:2.3:a:apache:tomcat:4.0.2:::::::*
cpe:2.3:a:apache:tomcat:4.0.3:::::::*
cpe:2.3:a:apache:tomcat:4.0.4:::::::*
cpe:2.3:a:apache:tomcat:4.0.5:::::::*
cpe:2.3:a:apache:tomcat:4.0.6:::::::*
cpe:2.3:a:apache:tomcat:4.1.0:::::::*
cpe:2.3:a:apache:tomcat:4.1.1:::::::*
cpe:2.3:a:apache:tomcat:4.1.2:::::::*
cpe:2.3:a:apache:tomcat:4.1.3:::::::*
cpe:2.3:a:apache:tomcat:4.1.3:beta::::::
cpe:2.3:a:apache:tomcat:4.1.4:::::::*
cpe:2.3:a:apache:tomcat:4.1.5:::::::*
cpe:2.3:a:apache:tomcat:4.1.6:::::::*
cpe:2.3:a:apache:tomcat:4.1.7:::::::*
cpe:2.3:a:apache:tomcat:4.1.8:::::::*
cpe:2.3:a:apache:tomcat:4.1.9:::::::*
cpe:2.3:a:apache:tomcat:4.1.9:beta::::::
cpe:2.3:a:apache:tomcat:4.1.10:::::::*
cpe:2.3:a:apache:tomcat:4.1.11:::::::*
cpe:2.3:a:apache:tomcat:4.1.12:::::::*
cpe:2.3:a:apache:tomcat:4.1.13:::::::*
cpe:2.3:a:apache:tomcat:4.1.14:::::::*
cpe:2.3:a:apache:tomcat:4.1.15:::::::*
cpe:2.3:a:apache:tomcat:4.1.16:::::::*
cpe:2.3:a:apache:tomcat:4.1.17:::::::*
cpe:2.3:a:apache:tomcat:4.1.18:::::::*
cpe:2.3:a:apache:tomcat:4.1.19:::::::*
cpe:2.3:a:apache:tomcat:4.1.20:::::::*
cpe:2.3:a:apache:tomcat:4.1.21:::::::*
cpe:2.3:a:apache:tomcat:4.1.22:::::::*
cpe:2.3:a:apache:tomcat:4.1.23:::::::*
cpe:2.3:a:apache:tomcat:4.1.24:::::::*
cpe:2.3:a:apache:tomcat:4.1.25:::::::*
cpe:2.3:a:apache:tomcat:4.1.26:::::::*
cpe:2.3:a:apache:tomcat:4.1.27:::::::*
cpe:2.3:a:apache:tomcat:4.1.28:::::::*
cpe:2.3:a:apache:tomcat:4.1.29:::::::*
cpe:2.3:a:apache:tomcat:4.1.30:::::::*
cpe:2.3:a:apache:tomcat:4.1.31:::::::*
cpe:2.3:a:apache:tomcat:4.1.32:::::::*
cpe:2.3:a:apache:tomcat:4.1.33:::::::*
cpe:2.3:a:apache:tomcat:4.1.34:::::::*
cpe:2.3:a:apache:tomcat:4.1.35:::::::*
cpe:2.3:a:apache:tomcat:4.1.36:::::::*
cpe:2.3:a:apache:tomcat:5.0.0:::::::*
cpe:2.3:a:apache:tomcat:5.0.1:::::::*
cpe:2.3:a:apache:tomcat:5.0.2:::::::*
cpe:2.3:a:apache:tomcat:5.0.3:::::::*
cpe:2.3:a:apache:tomcat:5.0.4:::::::*
cpe:2.3:a:apache:tomcat:5.0.5:::::::*
cpe:2.3:a:apache:tomcat:5.0.6:::::::*
cpe:2.3:a:apache:tomcat:5.0.7:::::::*
cpe:2.3:a:apache:tomcat:5.0.8:::::::*
cpe:2.3:a:apache:tomcat:5.0.9:::::::*
cpe:2.3:a:apache:tomcat:5.0.10:::::::*
cpe:2.3:a:apache:tomcat:5.0.11:::::::*
cpe:2.3:a:apache:tomcat:5.0.12:::::::*
cpe:2.3:a:apache:tomcat:5.0.13:::::::*
cpe:2.3:a:apache:tomcat:5.0.14:::::::*
cpe:2.3:a:apache:tomcat:5.0.15:::::::*
cpe:2.3:a:apache:tomcat:5.0.16:::::::*
cpe:2.3:a:apache:tomcat:5.0.17:::::::*
cpe:2.3:a:apache:tomcat:5.0.18:::::::*
cpe:2.3:a:apache:tomcat:5.0.19:::::::*
cpe:2.3:a:apache:tomcat:5.0.21:::::::*
cpe:2.3:a:apache:tomcat:5.0.22:::::::*
cpe:2.3:a:apache:tomcat:5.0.23:::::::*
cpe:2.3:a:apache:tomcat:5.0.24:::::::*
cpe:2.3:a:apache:tomcat:5.0.25:::::::*
cpe:2.3:a:apache:tomcat:5.0.26:::::::*
cpe:2.3:a:apache:tomcat:5.0.27:::::::*
cpe:2.3:a:apache:tomcat:5.0.28:::::::*
cpe:2.3:a:apache:tomcat:5.0.29:::::::*
cpe:2.3:a:apache:tomcat:5.0.30:::::::*
cpe:2.3:a:apache:tomcat:5.5.0:::::::*
cpe:2.3:a:apache:tomcat:5.5.1:::::::*
cpe:2.3:a:apache:tomcat:5.5.2:::::::*
cpe:2.3:a:apache:tomcat:5.5.3:::::::*
cpe:2.3:a:apache:tomcat:5.5.4:::::::*
cpe:2.3:a:apache:tomcat:5.5.5:::::::*
cpe:2.3:a:apache:tomcat:5.5.6:::::::*
cpe:2.3:a:apache:tomcat:5.5.7:::::::*
cpe:2.3:a:apache:tomcat:5.5.8:::::::*
cpe:2.3:a:apache:tomcat:5.5.9:::::::*
cpe:2.3:a:apache:tomcat:5.5.10:::::::*
cpe:2.3:a:apache:tomcat:5.5.11:::::::*
cpe:2.3:a:apache:tomcat:5.5.12:::::::*
cpe:2.3:a:apache:tomcat:5.5.13:::::::*
cpe:2.3:a:apache:tomcat:5.5.14:::::::*
cpe:2.3:a:apache:tomcat:5.5.15:::::::*
cpe:2.3:a:apache:tomcat:5.5.16:::::::*
cpe:2.3:a:apache:tomcat:5.5.17:::::::*
cpe:2.3:a:apache:tomcat:5.5.18:::::::*
cpe:2.3:a:apache:tomcat:5.5.19:::::::*
cpe:2.3:a:apache:tomcat:5.5.20:::::::*
cpe:2.3:a:apache:tomcat:5.5.21:::::::*
cpe:2.3:a:apache:tomcat:5.5.22:::::::*
cpe:2.3:a:apache:tomcat:5.5.23:::::::*
cpe:2.3:a:apache:tomcat:5.5.24:::::::*
cpe:2.3:a:apache:tomcat:5.5.25:::::::*
cpe:2.3:a:apache:tomcat:5.5.26:::::::*
cpe:2.3:a:apache:tomcat:5.5.27:::::::*

関連情報、対策とツール

No	URL	refsource
1	http://lists.opensuse.org/opensuse-security-announce/2009-11/msg00004.html	secalert@redhat.com
2	http://mail-archives.apache.org/mod_mbox/www-announce/200904.mbox/%3C49DBBAC0.2080400%40apache.org%3E	secalert@redhat.com
3	http://marc.info/?l=tomcat-dev&m=123913700700879	secalert@redhat.com
4	http://secunia.com/advisories/29283	secalert@redhat.com
5	http://secunia.com/advisories/34621	secalert@redhat.com
6	http://secunia.com/advisories/35537	secalert@redhat.com
7	http://securitytracker.com/id?1022001	secalert@redhat.com
8	http://sunsolve.sun.com/search/document.do?assetkey=1-26-262468-1	secalert@redhat.com
9	http://svn.eu.apache.org/viewvc/tomcat/connectors/trunk/jk/native/common/jk_ajp_common.c?r1=702387&r2=702540&pathrev=702540&diff_format=h	secalert@redhat.com
10	http://svn.eu.apache.org/viewvc/tomcat/connectors/trunk/jk/xdocs/miscellaneous/changelog.xml?view=markup&pathrev=702540	secalert@redhat.com
11	http://svn.eu.apache.org/viewvc?view=rev&revision=702540	secalert@redhat.com
12	http://tomcat.apache.org/connectors-doc/miscellaneous/changelog.html	secalert@redhat.com
13	http://tomcat.apache.org/security-jk.html	secalert@redhat.com
14	http://www.debian.org/security/2009/dsa-1810	secalert@redhat.com
15	http://www.openwall.com/lists/oss-security/2009/04/08/10	secalert@redhat.com
16	http://www.redhat.com/support/errata/RHSA-2009-0446.html	secalert@redhat.com
17	http://www.securityfocus.com/archive/1/502530/100/0/threaded	secalert@redhat.com
18	http://www.securityfocus.com/bid/34412	secalert@redhat.com
19	http://www.vupen.com/english/advisories/2009/0973	secalert@redhat.com
20	https://bugzilla.redhat.com/show_bug.cgi?id=490201	secalert@redhat.com
21	https://lists.apache.org/thread.html/277d42b48b6e9aef50949c0dcc79ce21693091d73da246b3c1981925%40%3Cdev.tomcat.apache.org%3E	secalert@redhat.com
22	https://lists.apache.org/thread.html/5b7a23e245c93235c503900da854a143596d901bf1a1f67e851a5de4%40%3Cdev.tomcat.apache.org%3E	secalert@redhat.com
23	https://lists.apache.org/thread.html/8d2a579bbd977c225c70cb23b0ec54865fb0dab5da3eff1e060c9935%40%3Cdev.tomcat.apache.org%3E	secalert@redhat.com
24	https://lists.apache.org/thread.html/ba661b0edd913b39ff129a32d855620dd861883ade05fd88a8ce517d%40%3Cdev.tomcat.apache.org%3E	secalert@redhat.com
25	https://lists.apache.org/thread.html/r5c616dfc49156e4b06ffab842800c80f4425924d0f20c452c127a53c%40%3Cdev.tomcat.apache.org%3E	secalert@redhat.com
26	https://lists.apache.org/thread.html/rf8e8c091182b45daa50d3557cad9b10bb4198e3f08cf8f1c66a1b08d%40%3Cdev.tomcat.apache.org%3E	secalert@redhat.com
27	http://lists.opensuse.org/opensuse-security-announce/2009-11/msg00004.html	af854a3a-2127-422b-91ae-364da2661108
28	http://mail-archives.apache.org/mod_mbox/www-announce/200904.mbox/%3C49DBBAC0.2080400%40apache.org%3E	af854a3a-2127-422b-91ae-364da2661108
29	http://marc.info/?l=tomcat-dev&m=123913700700879	af854a3a-2127-422b-91ae-364da2661108
30	http://secunia.com/advisories/29283	af854a3a-2127-422b-91ae-364da2661108
31	http://secunia.com/advisories/34621	af854a3a-2127-422b-91ae-364da2661108
32	http://secunia.com/advisories/35537	af854a3a-2127-422b-91ae-364da2661108
33	http://securitytracker.com/id?1022001	af854a3a-2127-422b-91ae-364da2661108
34	http://sunsolve.sun.com/search/document.do?assetkey=1-26-262468-1	af854a3a-2127-422b-91ae-364da2661108
35	http://svn.eu.apache.org/viewvc/tomcat/connectors/trunk/jk/native/common/jk_ajp_common.c?r1=702387&r2=702540&pathrev=702540&diff_format=h	af854a3a-2127-422b-91ae-364da2661108
36	http://svn.eu.apache.org/viewvc/tomcat/connectors/trunk/jk/xdocs/miscellaneous/changelog.xml?view=markup&pathrev=702540	af854a3a-2127-422b-91ae-364da2661108
37	http://svn.eu.apache.org/viewvc?view=rev&revision=702540	af854a3a-2127-422b-91ae-364da2661108
38	http://tomcat.apache.org/connectors-doc/miscellaneous/changelog.html	af854a3a-2127-422b-91ae-364da2661108
39	http://tomcat.apache.org/security-jk.html	af854a3a-2127-422b-91ae-364da2661108
40	http://www.debian.org/security/2009/dsa-1810	af854a3a-2127-422b-91ae-364da2661108
41	http://www.openwall.com/lists/oss-security/2009/04/08/10	af854a3a-2127-422b-91ae-364da2661108
42	http://www.redhat.com/support/errata/RHSA-2009-0446.html	af854a3a-2127-422b-91ae-364da2661108
43	http://www.securityfocus.com/archive/1/502530/100/0/threaded	af854a3a-2127-422b-91ae-364da2661108
44	http://www.securityfocus.com/bid/34412	af854a3a-2127-422b-91ae-364da2661108
45	http://www.vupen.com/english/advisories/2009/0973	af854a3a-2127-422b-91ae-364da2661108
46	https://bugzilla.redhat.com/show_bug.cgi?id=490201	af854a3a-2127-422b-91ae-364da2661108
47	https://lists.apache.org/thread.html/277d42b48b6e9aef50949c0dcc79ce21693091d73da246b3c1981925%40%3Cdev.tomcat.apache.org%3E	af854a3a-2127-422b-91ae-364da2661108
48	https://lists.apache.org/thread.html/5b7a23e245c93235c503900da854a143596d901bf1a1f67e851a5de4%40%3Cdev.tomcat.apache.org%3E	af854a3a-2127-422b-91ae-364da2661108
49	https://lists.apache.org/thread.html/8d2a579bbd977c225c70cb23b0ec54865fb0dab5da3eff1e060c9935%40%3Cdev.tomcat.apache.org%3E	af854a3a-2127-422b-91ae-364da2661108
50	https://lists.apache.org/thread.html/ba661b0edd913b39ff129a32d855620dd861883ade05fd88a8ce517d%40%3Cdev.tomcat.apache.org%3E	af854a3a-2127-422b-91ae-364da2661108
51	https://lists.apache.org/thread.html/r5c616dfc49156e4b06ffab842800c80f4425924d0f20c452c127a53c%40%3Cdev.tomcat.apache.org%3E	af854a3a-2127-422b-91ae-364da2661108
52	https://lists.apache.org/thread.html/rf8e8c091182b45daa50d3557cad9b10bb4198e3f08cf8f1c66a1b08d%40%3Cdev.tomcat.apache.org%3E	af854a3a-2127-422b-91ae-364da2661108

共通脆弱性一覧

構成1	以上	以下	より上	未満
cpe:2.3:a:apache:mod_jk:1.2:::::::*
cpe:2.3:a:apache:mod_jk:1.2.1:::::::*
cpe:2.3:a:apache:mod_jk:1.2.6:::::::*
cpe:2.3:a:apache:mod_jk:1.2.7:::::::*
cpe:2.3:a:apache:mod_jk:1.2.8:::::::*
cpe:2.3:a:apache:mod_jk:1.2.9:::::::*
cpe:2.3:a:apache:mod_jk:1.2.10:::::::*
cpe:2.3:a:apache:mod_jk:1.2.11:::::::*
cpe:2.3:a:apache:mod_jk:1.2.12:::::::*
cpe:2.3:a:apache:mod_jk:1.2.13:::::::*
cpe:2.3:a:apache:mod_jk:1.2.14:::::::*
cpe:2.3:a:apache:mod_jk:1.2.14.1:::::::*
cpe:2.3:a:apache:mod_jk:1.2.15:::::::*
cpe:2.3:a:apache:mod_jk:1.2.16:::::::*
cpe:2.3:a:apache:mod_jk:1.2.17:::::::*
cpe:2.3:a:apache:mod_jk:1.2.18:::::::*
cpe:2.3:a:apache:mod_jk:1.2.19:::::::*
cpe:2.3:a:apache:mod_jk:1.2.20:::::::*
cpe:2.3:a:apache:mod_jk:1.2.21:::::::*
cpe:2.3:a:apache:mod_jk:1.2.22:::::::*
cpe:2.3:a:apache:mod_jk:1.2.23:::::::*
cpe:2.3:a:apache:mod_jk:1.2.24:::::::*
cpe:2.3:a:apache:mod_jk:1.2.25:::::::*
cpe:2.3:a:apache:mod_jk:1.2.26:::::::*
cpe:2.3:a:apache:tomcat:4.0.0:::::::*
cpe:2.3:a:apache:tomcat:4.0.1:::::::*
cpe:2.3:a:apache:tomcat:4.0.2:::::::*
cpe:2.3:a:apache:tomcat:4.0.3:::::::*
cpe:2.3:a:apache:tomcat:4.0.4:::::::*
cpe:2.3:a:apache:tomcat:4.0.5:::::::*
cpe:2.3:a:apache:tomcat:4.0.6:::::::*
cpe:2.3:a:apache:tomcat:4.1.0:::::::*
cpe:2.3:a:apache:tomcat:4.1.1:::::::*
cpe:2.3:a:apache:tomcat:4.1.2:::::::*
cpe:2.3:a:apache:tomcat:4.1.3:::::::*
cpe:2.3:a:apache:tomcat:4.1.3:beta::::::
cpe:2.3:a:apache:tomcat:4.1.4:::::::*
cpe:2.3:a:apache:tomcat:4.1.5:::::::*
cpe:2.3:a:apache:tomcat:4.1.6:::::::*
cpe:2.3:a:apache:tomcat:4.1.7:::::::*
cpe:2.3:a:apache:tomcat:4.1.8:::::::*
cpe:2.3:a:apache:tomcat:4.1.9:::::::*
cpe:2.3:a:apache:tomcat:4.1.9:beta::::::
cpe:2.3:a:apache:tomcat:4.1.10:::::::*
cpe:2.3:a:apache:tomcat:4.1.11:::::::*
cpe:2.3:a:apache:tomcat:4.1.12:::::::*
cpe:2.3:a:apache:tomcat:4.1.13:::::::*
cpe:2.3:a:apache:tomcat:4.1.14:::::::*
cpe:2.3:a:apache:tomcat:4.1.15:::::::*
cpe:2.3:a:apache:tomcat:4.1.16:::::::*
cpe:2.3:a:apache:tomcat:4.1.17:::::::*
cpe:2.3:a:apache:tomcat:4.1.18:::::::*
cpe:2.3:a:apache:tomcat:4.1.19:::::::*
cpe:2.3:a:apache:tomcat:4.1.20:::::::*
cpe:2.3:a:apache:tomcat:4.1.21:::::::*
cpe:2.3:a:apache:tomcat:4.1.22:::::::*
cpe:2.3:a:apache:tomcat:4.1.23:::::::*
cpe:2.3:a:apache:tomcat:4.1.24:::::::*
cpe:2.3:a:apache:tomcat:4.1.25:::::::*
cpe:2.3:a:apache:tomcat:4.1.26:::::::*
cpe:2.3:a:apache:tomcat:4.1.27:::::::*
cpe:2.3:a:apache:tomcat:4.1.28:::::::*
cpe:2.3:a:apache:tomcat:4.1.29:::::::*
cpe:2.3:a:apache:tomcat:4.1.30:::::::*
cpe:2.3:a:apache:tomcat:4.1.31:::::::*
cpe:2.3:a:apache:tomcat:4.1.32:::::::*
cpe:2.3:a:apache:tomcat:4.1.33:::::::*
cpe:2.3:a:apache:tomcat:4.1.34:::::::*
cpe:2.3:a:apache:tomcat:4.1.35:::::::*
cpe:2.3:a:apache:tomcat:4.1.36:::::::*
cpe:2.3:a:apache:tomcat:5.0.0:::::::*
cpe:2.3:a:apache:tomcat:5.0.1:::::::*
cpe:2.3:a:apache:tomcat:5.0.2:::::::*
cpe:2.3:a:apache:tomcat:5.0.3:::::::*
cpe:2.3:a:apache:tomcat:5.0.4:::::::*
cpe:2.3:a:apache:tomcat:5.0.5:::::::*
cpe:2.3:a:apache:tomcat:5.0.6:::::::*
cpe:2.3:a:apache:tomcat:5.0.7:::::::*
cpe:2.3:a:apache:tomcat:5.0.8:::::::*
cpe:2.3:a:apache:tomcat:5.0.9:::::::*
cpe:2.3:a:apache:tomcat:5.0.10:::::::*
cpe:2.3:a:apache:tomcat:5.0.11:::::::*
cpe:2.3:a:apache:tomcat:5.0.12:::::::*
cpe:2.3:a:apache:tomcat:5.0.13:::::::*
cpe:2.3:a:apache:tomcat:5.0.14:::::::*
cpe:2.3:a:apache:tomcat:5.0.15:::::::*
cpe:2.3:a:apache:tomcat:5.0.16:::::::*
cpe:2.3:a:apache:tomcat:5.0.17:::::::*
cpe:2.3:a:apache:tomcat:5.0.18:::::::*
cpe:2.3:a:apache:tomcat:5.0.19:::::::*
cpe:2.3:a:apache:tomcat:5.0.21:::::::*
cpe:2.3:a:apache:tomcat:5.0.22:::::::*
cpe:2.3:a:apache:tomcat:5.0.23:::::::*
cpe:2.3:a:apache:tomcat:5.0.24:::::::*
cpe:2.3:a:apache:tomcat:5.0.25:::::::*
cpe:2.3:a:apache:tomcat:5.0.26:::::::*
cpe:2.3:a:apache:tomcat:5.0.27:::::::*
cpe:2.3:a:apache:tomcat:5.0.28:::::::*
cpe:2.3:a:apache:tomcat:5.0.29:::::::*
cpe:2.3:a:apache:tomcat:5.0.30:::::::*
cpe:2.3:a:apache:tomcat:5.5.0:::::::*
cpe:2.3:a:apache:tomcat:5.5.1:::::::*
cpe:2.3:a:apache:tomcat:5.5.2:::::::*
cpe:2.3:a:apache:tomcat:5.5.3:::::::*
cpe:2.3:a:apache:tomcat:5.5.4:::::::*
cpe:2.3:a:apache:tomcat:5.5.5:::::::*
cpe:2.3:a:apache:tomcat:5.5.6:::::::*
cpe:2.3:a:apache:tomcat:5.5.7:::::::*
cpe:2.3:a:apache:tomcat:5.5.8:::::::*
cpe:2.3:a:apache:tomcat:5.5.9:::::::*
cpe:2.3:a:apache:tomcat:5.5.10:::::::*
cpe:2.3:a:apache:tomcat:5.5.11:::::::*
cpe:2.3:a:apache:tomcat:5.5.12:::::::*
cpe:2.3:a:apache:tomcat:5.5.13:::::::*
cpe:2.3:a:apache:tomcat:5.5.14:::::::*
cpe:2.3:a:apache:tomcat:5.5.15:::::::*
cpe:2.3:a:apache:tomcat:5.5.16:::::::*
cpe:2.3:a:apache:tomcat:5.5.17:::::::*
cpe:2.3:a:apache:tomcat:5.5.18:::::::*
cpe:2.3:a:apache:tomcat:5.5.19:::::::*
cpe:2.3:a:apache:tomcat:5.5.20:::::::*
cpe:2.3:a:apache:tomcat:5.5.21:::::::*
cpe:2.3:a:apache:tomcat:5.5.22:::::::*
cpe:2.3:a:apache:tomcat:5.5.23:::::::*
cpe:2.3:a:apache:tomcat:5.5.24:::::::*
cpe:2.3:a:apache:tomcat:5.5.25:::::::*
cpe:2.3:a:apache:tomcat:5.5.26:::::::*
cpe:2.3:a:apache:tomcat:5.5.27:::::::*