Certain AJP protocol connector implementations in Apache Tomcat 7.0.0 through 7.0.20, 6.0.0 through 6.0.33, 5.5.0 through 5.5.33, and possibly other versions allow remote attackers to spoof AJP requests, bypass authentication, and obtain sensitive information by causing the connector to interpret a request body as a new request.