Lucene search
K

27 matches found

BDU FSTEC
BDU FSTEC
added 2024/09/30 12:0 a.m.10 views

The vulnerability of the mod_jk module of the Apache Tomcat JK Connector allows attackers to disclose sensitive information or cause service failures.

The vulnerability of the JkShmFile directive in the modjk module of the Apache Tomcat JK Connector is related to the incorrect use of standard permissions. Exploiting this vulnerability can allow an attacker to disclose information about the modjk module or cause service failures...

5.9CVSS6.2AI score0.00326EPSS
Exploits0References6Affected Software4
RedHat Linux
RedHat Linux
added 2019/02/18 4:58 p.m.5 views

mod_jk: connector path traversal due to mishandled HTTP requests in httpd

The Apache Web Server httpd specific code that normalised the requested path before matching it to the URI-worker map in Apache Tomcat JK modjk Connector 1.2.0 to 1.2.44 did not handle some edge cases correctly. If only a sub-set of the URLs supported by Tomcat were exposed via httpd, then it was...

7.5CVSS7.3AI score0.90647EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2019/02/18 4:55 p.m.4 views

mod_jk: connector path traversal due to mishandled HTTP requests in httpd

The Apache Web Server httpd specific code that normalised the requested path before matching it to the URI-worker map in Apache Tomcat JK modjk Connector 1.2.0 to 1.2.44 did not handle some edge cases correctly. If only a sub-set of the URLs supported by Tomcat were exposed via httpd, then it was...

7.5CVSS7.3AI score0.90647EPSS
Exploits0References4
OpenVAS
OpenVAS
added 2019/01/03 12:0 a.m.50 views

Apache Tomcat JK Connector (mod_jk) < 1.2.46 Authentication Bypass Vulnerability - Active Check

Apache Tomcat JK Connector modjk is prone to an authentication bypass vulnerability. Copyright C 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This...

6.9AI score
Exploits0References2
OpenVAS
OpenVAS
added 2019/01/03 12:0 a.m.926 views

Apache Tomcat JK Connector (mod_jk) < 1.2.46 Authentication Bypass Vulnerability - Linux

Apache Tomcat JK Connector modjk is prone to an authentication bypass vulnerability. Copyright C 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This...

6.9AI score
Exploits0References2
OpenVAS
OpenVAS
added 2019/01/03 12:0 a.m.61 views

Apache Tomcat JK Connector (mod_jk) < 1.2.46 Authentication Bypass Vulnerability - Windows

Apache Tomcat JK Connector modjk is prone to an authentication bypass vulnerability. Copyright C 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This...

6.9AI score
Exploits0References2
RedhatCVE
RedhatCVE
added 2018/11/02 3:19 p.m.33 views

CVE-2018-11759

The Apache Web Server httpd specific code that normalised the requested path before matching it to the URI-worker map in Apache Tomcat JK modjk Connector 1.2.0 to 1.2.44 did not handle some edge cases correctly. If only a sub-set of the URLs supported by Tomcat were exposed via httpd, then it was...

7.5CVSS1.9AI score0.90647EPSS
Exploits0References2
UbuntuCve
UbuntuCve
added 2018/10/31 8:29 p.m.31 views

CVE-2018-11759

The Apache Web Server httpd specific code that normalised the requested path before matching it to the URI-worker map in Apache Tomcat JK modjk Connector 1.2.0 to 1.2.44 did not handle some edge cases correctly. If only a sub-set of the URLs supported by Tomcat were exposed via httpd, then it was...

7.5CVSS7.2AI score0.90647EPSS
Exploits0References3
NVD
NVD
added 2018/10/31 8:29 p.m.26 views

CVE-2018-11759

The Apache Web Server httpd specific code that normalised the requested path before matching it to the URI-worker map in Apache Tomcat JK modjk Connector 1.2.0 to 1.2.44 did not handle some edge cases correctly. If only a sub-set of the URLs supported by Tomcat were exposed via httpd, then it was...

7.5CVSS7.5AI score0.90647EPSS
Exploits0References13
OSV
OSV
added 2018/10/31 8:29 p.m.2 views

DEBIAN-CVE-2018-11759

The Apache Web Server httpd specific code that normalised the requested path before matching it to the URI-worker map in Apache Tomcat JK modjk Connector 1.2.0 to 1.2.44 did not handle some edge cases correctly. If only a sub-set of the URLs supported by Tomcat were exposed via httpd, then it was...

7.5CVSS8.8AI score0.90647EPSS
Exploits0References1
Debian CVE
Debian CVE
added 2018/10/31 8:0 p.m.31 views

CVE-2018-11759

The Apache Web Server httpd specific code that normalised the requested path before matching it to the URI-worker map in Apache Tomcat JK modjk Connector 1.2.0 to 1.2.44 did not handle some edge cases correctly. If only a sub-set of the URLs supported by Tomcat were exposed via httpd, then it was...

7.5CVSS7.8AI score0.90647EPSS
Exploits0
Cvelist
Cvelist
added 2018/10/31 8:0 p.m.40 views

CVE-2018-11759

The Apache Web Server httpd specific code that normalised the requested path before matching it to the URI-worker map in Apache Tomcat JK modjk Connector 1.2.0 to 1.2.44 did not handle some edge cases correctly. If only a sub-set of the URLs supported by Tomcat were exposed via httpd, then it was...

7.7AI score0.90647EPSS
Exploits0References13
CISA
CISA
added 2018/10/31 12:0 a.m.36 views

Apache Releases Security Update for Apache Tomcat JK Connectors

The Apache Software Foundation has released a security update to address a vulnerability affecting Apache Tomcat JK Connectors 1.2.0 to 1.2.44. A remote attacker could exploit this vulnerability to obtain access to sensitive information. NCCIC encourages users and administrators to review the...

5CVSS2.2AI score0.90647EPSS
Exploits0References1
OpenVAS
OpenVAS
added 2018/02/27 12:0 a.m.47 views

Apache Tomcat JK Connector (mod_jk) 1.2.0 - 1.2.41 Buffer Overflow Vulnerability - Linux

Apache Tomcat JK Connector modjk is prone to a buffer overflow vulnerability. Copyright C 2018 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program i...

9.8CVSS9.6AI score0.18989EPSS
Exploits1References2
OpenVAS
OpenVAS
added 2015/05/11 12:0 a.m.32 views

Apache Tomcat JK Connector (mod_jk) < 1.2.41 Authentication Bypass Vulnerability

Apache Tomcat JK Connector modjk is prone to an authentication bypass vulnerability. SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

5CVSS6.1AI score0.07109EPSS
Exploits0References3
OpenVAS
OpenVAS
added 2009/07/06 12:0 a.m.31 views

Gentoo Security Advisory GLSA 200906-04 (mod_jk)

The remote host is missing updates announced in advisory GLSA 200906-04. OpenVAS Vulnerability Test $ Description: Auto generated from Gentoo's XML based advisory Authors: Thomas Reinke Copyright: Copyright c 2009 E-Soft Inc. http://www.securityspace.com Text descriptions are largely excerpted fr...

2.6CVSS0.3AI score0.07263EPSS
Exploits2
OpenVAS
OpenVAS
added 2009/07/06 12:0 a.m.19 views

Gentoo Security Advisory GLSA 200906-04 (mod_jk)

The remote host is missing updates announced in advisory GLSA 200906-04. SPDX-FileCopyrightText: 2009 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only OR GPL-3.0-only...

2.6CVSS6.3AI score0.07263EPSS
Exploits2References2
Tenable Nessus
Tenable Nessus
added 2009/06/30 12:0 a.m.40 views

GLSA-200906-04 : Apache Tomcat JK Connector: Information disclosure

The remote host is affected by the vulnerability described in GLSA-200906-04 Apache Tomcat JK Connector: Information disclosure The Red Hat Security Response Team discovered that modjk does not properly handle 1 requests setting the 'Content-Length' header while not providing data and 2 clients...

2.6CVSS5.2AI score0.07263EPSS
Exploits2References2
OpenVAS
OpenVAS
added 2009/04/17 12:0 a.m.11 views

Apache Tomcat JK Connector (mod_jk) Detection (HTTP)

HTTP based detection of Apache Tomcat JK Connector modjk. Copyright C 2009 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you...

7.4AI score
Exploits0References1
OpenVAS
OpenVAS
added 2009/04/17 12:0 a.m.28 views

Apache Tomcat JK Connector (mod_jk) 1.2.0 - 1.2.26 Information Disclosure Vulnerability

Apache Tomcat JK Connector modjk is prone to an information disclosure vulnerability. Copyright C 2009 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This...

2.6CVSS6.2AI score0.07263EPSS
Exploits2References4
Rows per page
Query Builder