http://jakarta.apache.org/tomcat/news.html:
“14 January 2002 - Apache Tomcat 3.3 Updated to 3.3a
Important Notice: The Tomcat 3.3 release has been updated to 3.3a to deal with a DOS vulnerability on Windows systems. The vulnerability allows a special HTTP request to hang and never complete. This prevents the thread handling the request from handling any further requests until Tomcat is restarted. Other systems are not affected, and both Tomcat 3.2.x and Tomcat 4.x do not have this vunerability.
It is recommended that everyone using Tomcat 3.3 on a Windows system upgrade to 3.3a. This is possible using the full Tomcat 3.3a binary distribution, or by updating jar(s) in an existing Tomcat 3.3 installation. These may be found here along with additional information.”
Regards, Harald