Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
gentooGentoo FoundationGLSA-200703-16
HistoryMar 16, 2007 - 12:00 a.m.

Apache JK Tomcat Connector: Remote execution of arbitrary code

2007-03-1600:00:00
Gentoo Foundation
security.gentoo.org
18

0.549 Medium

EPSS

Percentile

97.7%

JSON

Background

The Apache HTTP server is a very widely used web server. mod_jk provides the JK module for connecting Tomcat and Apache using the ajp13 protocol.

Description

ZDI reported an unsafe memory copy in mod_jk that was discovered by an anonymous researcher in the map_uri_to_worker function of native/common/jk_uri_worker_map.c .

Impact

A remote attacker can send a long URL request to an Apache server using Tomcat. That can trigger the vulnerability and lead to a stack-based buffer overflow, which could result in the execution of arbitrary code with the permissions of the Apache user.

Workaround

There is no known workaround at this time.

Resolution

All Apache Tomcat users should upgrade to the latest version:

 # emerge --sync
 # emerge --ask --oneshot --verbose ">=www-apache/mod_jk-1.2.21-r1"
OSVersionArchitecturePackageVersionFilename
Gentooanyallwww-apache/mod_jk< 1.2.21-r1UNKNOWN

Related

checkpoint_advisories 2
nessus 3
openvas 6
d2 1
ubuntucve 1
saint 4
cve 1
securityvulns 2
cvelist 1
freebsd 1
tomcat 1
prion 1
zdi 1
cisco 1
redhat 2
packetstorm 1
debiancve 1
checkpoint_advisories
checkpoint_advisories
HTTP Format Sizes (CVE-2007-0774)
2013-07-04 00:00:00
Preemptive Protection against Apache Tomcat JK Web Server Connector Long URL Stack Overflow Vulnerability
2008-08-04 00:00:00
nessus
nessus
FreeBSD : mod_jk -- long URL stack overflow vulnerability (cf86c644-cb6c-11db-8e9d-000c6ec775d9)
2007-03-06 00:00:00
Apache mod_jk Long URL Worker Map Stack Remote Overflow
2007-03-15 00:00:00
GLSA-200703-16 : Apache JK Tomcat Connector: Remote execution of arbitrary code
2007-03-18 00:00:00
openvas
openvas
FreeBSD Ports: mod_jk-ap2, mod_jk
2008-09-04 00:00:00
Gentoo Security Advisory GLSA 200703-16 (mod_jk)
2008-09-24 00:00:00
Gentoo Security Advisory GLSA 200703-16 (mod_jk)
2008-09-24 00:00:00
d2
d2
DSquare Exploit Pack: D2SEC_MOD_JK
2007-03-04 22:19:00
ubuntucve
ubuntucve
CVE-2007-0774
2007-03-04 00:00:00
saint
saint
Apache Tomcat JK Web Server Connector URI worker map buffer overflow
2008-07-30 00:00:00
Apache Tomcat JK Web Server Connector URI worker map buffer overflow
2008-07-30 00:00:00
Apache Tomcat JK Web Server Connector URI worker map buffer overflow
2008-07-30 00:00:00
cve
cve
CVE-2007-0774
2007-03-04 22:19:00
securityvulns
securityvulns
ZDI-07-008: Apache Tomcat JK Web Server Connector Long URL Stack Overflow Vulnerability
2007-03-02 00:00:00
Apache Tomcat buffer overflow
2007-03-02 00:00:00
cvelist
cvelist
CVE-2007-0774
2007-03-04 22:00:00
freebsd
freebsd
mod_jk -- long URL stack overflow vulnerability
2007-03-02 00:00:00
tomcat
tomcat
Fixed in Apache Tomcat JK Connector 1.2.21
2007-02-06 00:00:00
prion
prion
Stack overflow
2007-03-04 22:19:00
zdi
zdi
Apache Tomcat JK Web Server Connector Long URL Stack Overflow Vulnerability
2007-03-02 00:00:00
cisco
cisco
Cisco Wireless Control System Tomcat mod_jk.so Vulnerability
2008-01-30 16:00:00
redhat
redhat
(RHSA-2007:0164) Critical: mod_jk security update
2007-04-12 00:00:00
(RHSA-2007:0096) Critical: mod_jk security update
2007-03-02 00:00:00
packetstorm
packetstorm
apache_modjk_overflow.rb.txt
2007-07-10 00:00:00
debiancve
debiancve
CVE-2007-0774
2007-03-04 22:19:00

0.549 Medium

EPSS

Percentile

97.7%

JSON
Related for GLSA-200703-16
checkpoint_advisories2nessus3openvas6d21ubuntucve1saint4cve1securityvulns2cvelist1freebsd1tomcat1prion1zdi1cisco1redhat2packetstorm1debiancve1