| VID |
22461 |
| Severity |
40 |
| Port |
80, ... |
| Protocol |
TCP |
| Class |
CGI |
| Detailed Description |
The Apache web server, according to its banner, has multiple buffer overflow vulnerabilities in the mod_jk2 Apache module. mod_jk2 Apache module versions prior to 2.0.4 are vulnerable to multiple stack-based overflow vulnerabilities, caused by improper bounds checking of the Host header or Hostname within a Host header. By sending a specially-crafted request containing an overly long Host header, a remote attacker could exploit these vulnerabilities to execute arbitrary code on the system or cause the application to crash.
* Note: This check solely relied on the banner of the HTTP server to assess this vulnerability, so this might be a false positive.
* References:
http://today.java.net/pub/n/mod_jk22.0.4
http://www.securityfocus.com/archive/1/487983
http://www.milw0rm.com/exploits/5330
http://www.ioactive.com/vulnerabilities/mod_jk2LegacyBufferOverflowAdvisory.pdf
http://www.kb.cert.org/vuls/id/771937
http://www.frsirt.com/english/advisories/2008/0572
* Platforms Affected:
Apache, mod_jk2 versions prior to 2.0.4
Any operating system Any version |
| Recommendation |
Upgrade to the latest version of mod_jk2 (2.0.4 or later), available from the Apache Tomcat Downloads Web page at http://tomcat.apache.org/download-connectors.cgi |
| Related URL |
CVE-2007-6258 (CVE) |
| Related URL |
27752 (SecurityFocus) |
| Related URL |
40614 (ISS) |
|
