Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
redhatRedHatRHSA-2007:0096
HistoryMar 02, 2007 - 12:00 a.m.

(RHSA-2007:0096) Critical: mod_jk security update

2007-03-0200:00:00
access.redhat.com
16

0.621 Medium

EPSS

Percentile

97.8%

JSON

mod_jk is a Tomcat connector that can be used to communicate between Tomcat
and the Apache HTTP Server 2. mod_jk was first distributed with Red Hat
Application Stack version 1.1 released on 19 February 2007.

A stack overflow flaw was found in the URI handler of mod_jk. A remote
attacker could visit a carefully crafted URL being handled by mod_jk and
trigger this flaw, which could lead to the execution of arbitrary code as the
‘apache’ user. (CVE-2007-0774)

Users of mod_jk should upgrade to these updated packages, which contain a
backported patch to correct this issue.

Red Hat would like to thank TippingPoint and the Zero Day Initiative for
reporting this issue.

Related

nessus 3
gentoo 1
saint 4
packetstorm 1
redhat 1
debiancve 1
d2 1
openvas 6
ubuntucve 1
checkpoint_advisories 2
nvd 1
cve 1
zdi 1
cisco 1
securityvulns 2
prion 1
freebsd 1
tomcat 1
cvelist 1
nessus
nessus
GLSA-200703-16 : Apache JK Tomcat Connector: Remote execution of arbitrary code
2007-03-18 00:00:00
FreeBSD : mod_jk -- long URL stack overflow vulnerability (cf86c644-cb6c-11db-8e9d-000c6ec775d9)
2007-03-06 00:00:00
Apache mod_jk Long URL Worker Map Stack Remote Overflow
2007-03-15 00:00:00
gentoo
gentoo
Apache JK Tomcat Connector: Remote execution of arbitrary code
2007-03-16 00:00:00
saint
saint
Apache Tomcat JK Web Server Connector URI worker map buffer overflow
2008-07-30 00:00:00
Apache Tomcat JK Web Server Connector URI worker map buffer overflow
2008-07-30 00:00:00
Apache Tomcat JK Web Server Connector URI worker map buffer overflow
2008-07-30 00:00:00
packetstorm
packetstorm
apache_modjk_overflow.rb.txt
2007-07-10 00:00:00
redhat
redhat
(RHSA-2007:0164) Critical: mod_jk security update
2007-04-12 00:00:00
debiancve
debiancve
CVE-2007-0774
2007-03-04 22:19:00
d2
d2
DSquare Exploit Pack: D2SEC_MOD_JK
2007-03-04 22:19:00
openvas
openvas
FreeBSD Ports: mod_jk-ap2, mod_jk
2008-09-04 00:00:00
Gentoo Security Advisory GLSA 200703-16 (mod_jk)
2008-09-24 00:00:00
Gentoo Security Advisory GLSA 200703-16 (mod_jk)
2008-09-24 00:00:00
ubuntucve
ubuntucve
CVE-2007-0774
2007-03-04 00:00:00
checkpoint_advisories
checkpoint_advisories
HTTP Format Sizes (CVE-2007-0774)
2013-07-04 00:00:00
Preemptive Protection against Apache Tomcat JK Web Server Connector Long URL Stack Overflow Vulnerability
2008-08-04 00:00:00
nvd
nvd
CVE-2007-0774
2007-03-04 22:19:00
cve
cve
CVE-2007-0774
2007-03-04 22:19:00
zdi
zdi
Apache Tomcat JK Web Server Connector Long URL Stack Overflow Vulnerability
2007-03-02 00:00:00
cisco
cisco
Cisco Wireless Control System Tomcat mod_jk.so Vulnerability
2008-01-30 16:00:00
securityvulns
securityvulns
Apache Tomcat buffer overflow
2007-03-02 00:00:00
ZDI-07-008: Apache Tomcat JK Web Server Connector Long URL Stack Overflow Vulnerability
2007-03-02 00:00:00
prion
prion
Stack overflow
2007-03-04 22:19:00
freebsd
freebsd
mod_jk -- long URL stack overflow vulnerability
2007-03-02 00:00:00
tomcat
tomcat
Fixed in Apache Tomcat JK Connector 1.2.21
2007-02-06 00:00:00
cvelist
cvelist
CVE-2007-0774
2007-03-04 22:00:00

0.621 Medium

EPSS

Percentile

97.8%

JSON
Related for RHSA-2007:0096
nessus3gentoo1saint4packetstorm1redhat1debiancve1d21openvas6ubuntucve1checkpoint_advisories2nvd1cve1zdi1cisco1securityvulns2prion1freebsd1tomcat1cvelist1