Apache mod_jk2 Host Header Multiple Buffer Overflow Vulnerabilities

Last Update Date: 28 Jan 2011 Release Date: 18 Feb 2008 4448 Views

RISK: Medium Risk

Medium Risk

Multiple vulnerabilities have been identified in mod_jk2 for Apache, which could be exploited by remote attackers to cause a denial of service or compromise an affected web server. These issues are caused by buffer overflow errors when processing requests containing a malformed or overly long "Host" header, which could be exploited by remote attackers to crash an affected server or execute arbitrary code via a specially crafted request.

Impact

  • Denial of Service
  • Remote Code Execution

System / Technologies affected

  • mod_jk2 versions prior to 2.0.4

Solutions

Before installation of the software, please visit the software manufacturer web-site for more details.

Upgrade to mod_jk2 version 2.0.4 or later :
http://tomcat.apache.org/download-connectors.cgi

Vulnerability Identifier

Source

Related Link

Share with

Previous

MySQL Multiple Vulnerabilities

15 Feb 2008 4506 Views

Next

IBM Lotus Notes Java Plugin Sandbox Security Bypass Vulnerability

21 Feb 2008 4599 Views

We use cookies to give you the best possible experience on our website. By continuing to browse this site, you give consent for cookies to be used. For more details please read our Cookie Policy.

PRIVACY POLICY