The vulnerability of the mod_jk module of the Apache Tomcat JK Connector allows attackers to disclose sensitive information or cause service failures.

The vulnerability of the JkShmFile directive in the modjk module of the Apache Tomcat JK Connector is related to the incorrect use of standard permissions. Exploiting this vulnerability can allow an attacker to disclose information about the modjk module or cause service failures...

Apache Tomcat JK Connector (mod_jk) < 1.2.46 Authentication Bypass Vulnerability - Active Check

Apache Tomcat JK Connector modjk is prone to an authentication bypass vulnerability. Copyright C 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This...

Apache Tomcat JK Connector (mod_jk) < 1.2.46 Authentication Bypass Vulnerability - Linux

Apache Tomcat JK Connector modjk is prone to an authentication bypass vulnerability. Copyright C 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This...

Apache Tomcat JK Connector (mod_jk) < 1.2.46 Authentication Bypass Vulnerability - Windows

Apache Tomcat JK Connector modjk is prone to an authentication bypass vulnerability. Copyright C 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This...

CVE-2018-11759

The Apache Web Server httpd specific code that normalised the requested path before matching it to the URI-worker map in Apache Tomcat JK modjk Connector 1.2.0 to 1.2.44 did not handle some edge cases correctly. If only a sub-set of the URLs supported by Tomcat were exposed via httpd, then it was...

CVE-2018-11759

The Apache Web Server httpd specific code that normalised the requested path before matching it to the URI-worker map in Apache Tomcat JK modjk Connector 1.2.0 to 1.2.44 did not handle some edge cases correctly. If only a sub-set of the URLs supported by Tomcat were exposed via httpd, then it was...

CVE-2018-11759

The Apache Web Server httpd specific code that normalised the requested path before matching it to the URI-worker map in Apache Tomcat JK modjk Connector 1.2.0 to 1.2.44 did not handle some edge cases correctly. If only a sub-set of the URLs supported by Tomcat were exposed via httpd, then it was...

Apache Tomcat JK Connector (mod_jk) 1.2.0 - 1.2.41 Buffer Overflow Vulnerability - Linux

Apache Tomcat JK Connector modjk is prone to a buffer overflow vulnerability. Copyright C 2018 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program i...

Apache Tomcat JK Connector (mod_jk) < 1.2.41 Authentication Bypass Vulnerability

Apache Tomcat JK Connector modjk is prone to an authentication bypass vulnerability. SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

Gentoo Security Advisory GLSA 200906-04 (mod_jk)

The remote host is missing updates announced in advisory GLSA 200906-04. SPDX-FileCopyrightText: 2009 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only OR GPL-3.0-only...

Gentoo Security Advisory GLSA 200906-04 (mod_jk)

The remote host is missing updates announced in advisory GLSA 200906-04. OpenVAS Vulnerability Test $ Description: Auto generated from Gentoo's XML based advisory Authors: Thomas Reinke Copyright: Copyright c 2009 E-Soft Inc. http://www.securityspace.com Text descriptions are largely excerpted fr...

GLSA-200906-04 : Apache Tomcat JK Connector: Information disclosure

The remote host is affected by the vulnerability described in GLSA-200906-04 Apache Tomcat JK Connector: Information disclosure The Red Hat Security Response Team discovered that modjk does not properly handle 1 requests setting the 'Content-Length' header while not providing data and 2 clients...

Apache Tomcat JK Connector (mod_jk) Detection (HTTP)

HTTP based detection of Apache Tomcat JK Connector modjk. Copyright C 2009 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you...

Apache Tomcat JK Connector (mod_jk) 1.2.0 - 1.2.26 Information Disclosure Vulnerability

Apache Tomcat JK Connector modjk is prone to an information disclosure vulnerability. Copyright C 2009 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This...

FreeBSD : mod_jk -- long URL stack overflow vulnerability (cf86c644-cb6c-11db-8e9d-000c6ec775d9)

TippingPoint and The Zero Day Initiative reports : This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apache Tomcat JK Web Server Connector. Authentication is not required to exploit this vulnerability. The specific flaw exists in the URI handler f...

Apache Tomcat JK Web Server Connector超长URL栈溢出漏洞

Apache Tomcat是一个流行的开放源码的JSP应用服务器程序。 Tomcat JK Web Server Connector的modjk.so库在处理超长畸形的URL时存在漏洞，远程攻击者可能利用此漏洞控制服务器。 Apache Tomcat JK Web Server Connector的modjk.so库URI处理器mapuritoworker是在native/common/jkuriworkermap.c文件中定义的。当该库在解析超过4095字节的超长URL请求时URI...

DSquare Exploit Pack: D2SEC_MOD_JK

Name| d2secmodjk ---|--- CVE| CVE-2007-0774 Exploit Pack| D2ExploitPack Description| Apache Tomcat JK Web Server Connector Stack Overflow Vulnerability Notes|...

CVE-2007-0774

Stack-based buffer overflow in the mapuritoworker function native/common/jkuriworkermap.c in modjk.so for Apache Tomcat JK Web Server Connector 1.2.19 and 1.2.20, as used in Tomcat 4.1.34 and 5.5.20, allows remote attackers to execute arbitrary code via a long URL that triggers the overflow in a...

CVE-2007-0774

Stack-based buffer overflow in the mapuritoworker function native/common/jkuriworkermap.c in modjk.so for Apache Tomcat JK Web Server Connector 1.2.19 and 1.2.20, as used in Tomcat 4.1.34 and 5.5.20, allows remote attackers to execute arbitrary code via a long URL that triggers the overflow in a...