This CPE summary could be partial or incomplete. Please contact us for a detailed listing.

Summary

Detail
Vendor Apache First view 2009-04-09
Product Mod Jk Last view 2009-04-09
Version 1.2.9 Type Application
Update *  
Edition *  
Language *  
Sofware Edition *  
Target Software *  
Target Hardware *  
Other *  
 
CPE Product cpe:2.3:a:apache:mod_jk

Activity : Overall

Related : CVE

  Date Alert Description
2.6 2009-04-09 CVE-2008-5519

The JK Connector (aka mod_jk) 1.2.0 through 1.2.26 in Apache Tomcat allows remote attackers to obtain sensitive information via an arbitrary request from an HTTP client, in opportunistic circumstances involving (1) a request from a different client that included a Content-Length header but no POST data or (2) a rapid series of requests, related to noncompliance with the AJP protocol's requirements for requests containing Content-Length headers.

CWE : Common Weakness Enumeration

%idName
100% (1) CWE-200 Information Exposure

Open Source Vulnerability Database (OSVDB)

id Description
53381 Apache Tomcat JK Connector Content-Length Header Cross-user Information Discl...

OpenVAS Exploits

id Description
2010-02-03 Name : Solaris Update for Apache 1.3 122911-19
File : nvt/gb_solaris_122911_19.nasl
2010-02-03 Name : Solaris Update for Apache 1.3 122912-19
File : nvt/gb_solaris_122912_19.nasl
2009-11-11 Name : SuSE Security Summary SUSE-SR:2009:018
File : nvt/suse_sr_2009_018.nasl
2009-10-13 Name : Solaris Update for tomcat security 114016-04
File : nvt/gb_solaris_114016_04.nasl
2009-10-13 Name : Solaris Update for tomcat security 114017-05
File : nvt/gb_solaris_114017_05.nasl
2009-10-13 Name : Solaris Update for Apache 1.3 122911-17
File : nvt/gb_solaris_122911_17.nasl
2009-10-13 Name : Solaris Update for Apache 1.3 122912-17
File : nvt/gb_solaris_122912_17.nasl
2009-09-23 Name : Solaris Update for tomcat security 114017-04
File : nvt/gb_solaris_114017_04.nasl
2009-09-23 Name : Solaris Update for Apache 1.3 122911-16
File : nvt/gb_solaris_122911_16.nasl
2009-09-23 Name : Solaris Update for Apache 1.3 122912-16
File : nvt/gb_solaris_122912_16.nasl
2009-07-06 Name : Gentoo Security Advisory GLSA 200906-04 (mod_jk)
File : nvt/glsa_200906_04.nasl
2009-06-15 Name : RedHat Security Advisory RHSA-2009:1087
File : nvt/RHSA_2009_1087.nasl
2009-04-28 Name : RedHat Security Advisory RHSA-2009:0446
File : nvt/RHSA_2009_0446.nasl
2009-04-17 Name : Apache Tomcat mod_jk Information Disclosure Vulnerability
File : nvt/gb_apache_tomcat_mod_jk_info_disc_vuln.nasl

Nessus® Vulnerability Scanner

id Description
2010-06-14 Name: The remote web server is prone to an information disclosure attack.
File: mod_jk_1_2_27.nasl - Type: ACT_GATHER_INFO
2010-01-10 Name: The remote Red Hat host is missing a security update.
File: redhat-RHSA-2009-1618.nasl - Type: ACT_GATHER_INFO
2009-11-05 Name: The remote openSUSE host is missing a security update.
File: suse_11_0_apache2-mod_jk-091028.nasl - Type: ACT_GATHER_INFO
2009-11-05 Name: The remote openSUSE host is missing a security update.
File: suse_11_1_apache2-mod_jk-091028.nasl - Type: ACT_GATHER_INFO
2009-11-05 Name: The remote openSUSE host is missing a security update.
File: suse_apache2-mod_jk-6599.nasl - Type: ACT_GATHER_INFO
2009-06-30 Name: The remote Gentoo host is missing one or more security-related patches.
File: gentoo_GLSA-200906-04.nasl - Type: ACT_GATHER_INFO
2009-06-03 Name: The remote Debian host is missing a security-related update.
File: debian_DSA-1810.nasl - Type: ACT_GATHER_INFO
2006-07-18 Name: The remote host is missing Sun Security Patch number 122911-37
File: solaris10_122911.nasl - Type: ACT_GATHER_INFO
2006-07-18 Name: The remote host is missing Sun Security Patch number 122912-37
File: solaris10_x86_122912.nasl - Type: ACT_GATHER_INFO
2004-07-12 Name: The remote host is missing Sun Security Patch number 114016-08
File: solaris9_114016.nasl - Type: ACT_GATHER_INFO
2004-07-12 Name: The remote host is missing Sun Security Patch number 114017-07
File: solaris9_x86_114017.nasl - Type: ACT_GATHER_INFO