Apache mod_jk2 Host Header Multiple Buffer Overflow Vulnerabilities
Multiple vulnerabilities have been identified in mod_jk2 for Apache, which could be exploited by remote attackers to cause a denial of service or compromise an affected web server. These issues are caused by buffer overflow errors when processing requests containing a malformed or overly long "Host" header, which could be exploited by remote attackers to crash an affected server or execute arbitrary code via a specially crafted request.
- Denial of Service
- Remote Code Execution
System / Technologies affected
- mod_jk2 versions prior to 2.0.4
Before installation of the software, please visit the software manufacturer web-site for more details.
Upgrade to mod_jk2 version 2.0.4 or later :