Apache Tomcat is a Java web application platform which can run under various types of web servers. The JK Web Server Connector (mod_jk) is used for communication between Tomcat and the web server.
A buffer overflow in a URI worker map routine allows remote attackers to execute arbitrary commands by sending a request for a long, specially crafted URI to the web server.
Upgrade to mod_jk 1.2.21 or higher.
The exploit works on Apache Tomcat JK Web Server Connector 1.2.19 for Apache HTTP Server 2.0.58 on Windows and Apache Tomcat JK Web Server Connector 1.2.20 for Apache HTTP Server 2.0.58 on Linux. Apache, Apache Tomcat, and the JK Web Server Connector must be properly configured on the target in order for this exploit to succeed.
IPv6 support for this exploit is only available for Linux targets.
Windows Server 2003
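One way to apply the upgrade guidance above across an inventory, added here as an example and not part of the original advisory: it reads the `mod_jk/x.y.z` token that Apache includes in its `Server` header when full server tokens are enabled and compares it numerically against 1.2.21. The host names and banners are constructed sample data, and the function names are this example's own.

```python
import re

# First release named in the advisory's resolution ("1.2.21 or higher").
FIXED = (1, 2, 21)

# Matches "mod_jk/1.2.19" but not the separate "mod_jk2/..." module.
MOD_JK_TOKEN = re.compile(r"\bmod_jk/(\d+(?:\.\d+)*)", re.IGNORECASE)


def parse_version(text):
    """Turn '1.2.6' into (1, 2, 6) so 1.2.6 sorts below 1.2.21."""
    parts = [int(p) for p in text.split(".")]
    parts += [0] * (3 - len(parts))  # pad short versions such as '1.2'
    return tuple(parts)


def classify(banner):
    """Return (status, version) for one Server header value.

    'upgrade' : mod_jk is advertised and is below 1.2.21
    'ok'      : mod_jk is advertised at 1.2.21 or higher
    'unknown' : no mod_jk token; the banner may be trimmed (for example
                ServerTokens Prod), so check the installed module on the host
    """
    match = MOD_JK_TOKEN.search(banner or "")
    if not match:
        return ("unknown", None)
    version = match.group(1)
    status = "upgrade" if parse_version(version) < FIXED else "ok"
    return (status, version)


def audit(inventory):
    """Map each host to its (status, version) pair."""
    return {host: classify(banner) for host, banner in inventory.items()}


# Constructed sample inventory: host -> Server header collected by the asset owner.
SAMPLE = {
    "web1.example.test": "Apache/2.0.58 (Win32) mod_jk/1.2.19",
    "web2.example.test": "Apache/2.0.58 (Unix) mod_jk/1.2.20",
    "web3.example.test": "Apache/2.0.58 (Unix) mod_jk/1.2.21",
    "web4.example.test": "Apache/2.0.58 (Unix) mod_jk/1.2.6",
    "web5.example.test": "Apache",
}

if __name__ == "__main__":
    for host, (status, version) in sorted(audit(SAMPLE).items()):
        print(f"{host:20} {status:8} {version or '-'}")
```

A result of `unknown` is not a clean bill of health; it only means the banner did not advertise the connector.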