SAINT Corporation, SAINT:5392C6B502778549FA1CAEBF8ECF748B
Jul 30, 2008 - 12:00 a.m.

Apache Tomcat JK Web Server Connector URI worker map buffer overflow

2008-07-30 00:00:00
SAINT Corporation
download.saintcorporation.com

CVSS2: 7.5 High

Access Vector: NETWORK
Access Complexity: LOW
Authentication: NONE
Confidentiality Impact: PARTIAL
Integrity Impact: PARTIAL
Availability Impact: PARTIAL

Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

EPSS: 0.621 Medium
Percentile: 97.8%

Added: 07/30/2008
CVE: CVE-2007-0774
BID: 22791
OSVDB: 33855

Background

Apache Tomcat is a Java web application platform which can run under various types of web servers. The JK Web Server Connector (mod_jk) is used for communication between Tomcat and the web server.

Problem

A buffer overflow in a URI worker map routine allows remote attackers to execute arbitrary commands by sending a request for a long, specially crafted URI to the web server.

Resolution

Upgrade to mod_jk 1.2.21 or higher.
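
To find servers that still need this upgrade, the mod_jk version can be read from the Server response header, where mod_jk adds a "mod_jk/x.y.z" token when ServerTokens permits it. The following is an added example, not part of the original advisory or of any SAINT or Apache tooling; the host names and header values are constructed, and collecting the headers is assumed to happen elsewhere.

```python
import re

# Minimum mod_jk release named in the Resolution section.
FIXED = (1, 2, 21)

# Product token mod_jk contributes to the Server header.
TOKEN = re.compile(r"\bmod_jk/(\d+(?:\.\d+)*)")


def audit_banner(banner):
    """Classify one Server header value.

    Returns (status, version_string) where status is:
      'upgrade' - mod_jk token present and below FIXED
      'ok'      - mod_jk token present and at FIXED or later
      'unknown' - no token (ServerTokens Prod, or mod_jk not loaded);
                  this is not evidence that the host is patched
    """
    match = TOKEN.search(banner)
    if not match:
        return ("unknown", None)
    # Compare numerically: as strings, "1.2.6" would sort after "1.2.21".
    version = tuple(int(part) for part in match.group(1).split("."))
    padded = version + (0,) * (len(FIXED) - len(version))
    return ("upgrade" if padded < FIXED else "ok", match.group(1))


def audit(inventory):
    """Map host -> (status, version) for a dict of host -> Server header."""
    return {host: audit_banner(banner) for host, banner in inventory.items()}


# Constructed sample inventory (hypothetical hosts and headers).
SAMPLE = {
    "web01.example.internal": "Apache/2.0.58 (Win32) mod_jk/1.2.19",
    "web02.example.internal": "Apache/2.0.58 (Unix) mod_jk/1.2.20",
    "web03.example.internal": "Apache/2.2.8 (Unix) mod_jk/1.2.21",
    "web04.example.internal": "Apache/2.0.58 (Unix) mod_jk/1.2.6",
    "web05.example.internal": "Apache",
}

if __name__ == "__main__":
    for host, (status, version) in sorted(audit(SAMPLE).items()):
        print(f"{host}: {status} (mod_jk {version or 'not advertised'})")
```

Hosts reported as unknown need a direct check of the installed module, since a suppressed banner hides the version without changing it.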

References

<http://tomcat.apache.org/security-jk.html>
<http://www.zerodayinitiative.com/advisories/ZDI-07-008/>

Limitations

Exploit works on Apache Tomcat JK Web Server Connector 1.2.19 for Apache HTTP Server 2.0.58 on Windows and Apache Tomcat JK Web Server Connector 1.2.20 for Apache HTTP Server 2.0.58 on Linux. Apache, Apache Tomcat, and the JK Web Server Connector must be properly configured on the target in order for this exploit to succeed.

IPv6 support for this exploit is only available for Linux targets.

Platforms

Windows 2000
Windows Server 2003
Linux
