Executive Summary
Summary | |
---|---|
Title | mod_jk security update |
Information | |||
---|---|---|---|
Name | RHSA-2007:0380 | First vendor Publication | 2007-05-30 |
Vendor | RedHat | Last vendor Modification | 2007-05-30 |
Severity (Vendor) | Important | Revision | 01 |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
Impact Sub Score | NA | Temporal Score | NA |
Exploitability Sub Score | NA | ||
Security-Database Scoring CVSS v2
Cvss vector : (AV:N/AC:L/Au:N/C:P/I:N/A:N) | |||
---|---|---|---|
Cvss Base Score | 5 | Attack Range | Network |
Cvss Impact Score | 2.9 | Attack Complexity | Low |
Cvss Exploit Score | 10 | Authentication | None Required |
Detail
Problem Description: Updated mod_jk packages that fix a security issue are now available for Red Hat Application Server. This update has been rated as having Important security impact by the Red Hat Security Response Team.

2. Relevant releases/architectures:

Red Hat Application Server v2 4AS - i386, ia64, ppc, x86_64
Red Hat Application Server v2 4ES - i386, ia64, x86_64
Red Hat Application Server v2 4WS - i386, ia64, x86_64

3. Problem description:

mod_jk is a Tomcat connector that can be used to communicate between Tomcat and the Apache HTTP Server 2.

Versions of mod_jk before 1.2.23 decoded request URLs by default inside Apache httpd and forwarded the URL to Tomcat, which itself did a second decoding. If Tomcat was used behind mod_jk and configured to only proxy some contexts, an attacker could construct a carefully crafted HTTP request to work around the context restriction and potentially access non-proxied content (CVE-2007-1860).

Users of mod_jk should upgrade to these updated packages, which address this issue by changing the default so that mod_jk forwards the original, unchanged request URL to Tomcat.

4. Solution:

Before applying this update, make sure all previously released errata relevant to your system have been applied.

To update all RPMs for your particular architecture, run:

rpm -Fvh [filenames]

where [filenames] is a list of the RPMs you wish to upgrade. Only those RPMs which are currently installed will be updated. Those RPMs which are not installed but included in the list will not be updated. Note that you can also use wildcards (*.rpm) if your current directory *only* contains the desired RPMs.

Please note that this update is also available via Red Hat Network. Many people find this an easier way to apply updates. To use Red Hat Network, launch the Red Hat Update Agent with the following command:

up2date

This will start an interactive process that will result in the appropriate RPMs being upgraded on your system.

5. Bug IDs fixed (http://bugzilla.redhat.com/):

237656 - CVE-2007-1860 mod_jk sends decoded URL to tomcat
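The flaw described above is one of decode ordering: the context decision was made on a string the back end never saw. The following Python model is an added example (not code from the advisory, Red Hat, or the mod_jk project) that contrasts the pre-1.2.23 ordering with the fixed default and shows the check any proxy should make before a prefix decision: decode until stable, normalise, then compare. The mount prefix `/examples/` and the request paths are constructed.

```python
"""Toy model of the CVE-2007-1860 ordering problem (added example, not mod_jk code).

A front end proxies only certain URL prefixes ("contexts", like JkMount) to a
back end that URL-decodes once and normalises the path before serving it.
"""
from urllib.parse import unquote
import posixpath

MOUNTED_CONTEXTS = ("/examples/",)  # constructed JkMount-style prefixes


def is_mounted(path: str) -> bool:
    """Prefix decision as a front end would make it."""
    return any(path == c.rstrip("/") or path.startswith(c) for c in MOUNTED_CONTEXTS)


def backend_resolve(path: str) -> str:
    """What the back end actually serves: one decode, then path normalisation."""
    return posixpath.normpath(unquote(path))


def forward_pre_1_2_23(raw: str):
    """Vulnerable ordering: the front end decodes, matches the decoded string,
    forwards it, and the back end decodes a second time."""
    decoded_once = unquote(raw)
    if not is_mounted(decoded_once):
        return None  # rejected by the front end
    return backend_resolve(decoded_once)  # second decode happens here


def forward_fixed(raw: str):
    """Fixed default: match on the raw URL and forward it unchanged, so the
    back end performs the only decode."""
    if not is_mounted(raw):
        return None
    return backend_resolve(raw)


def hardened_check(raw: str, max_rounds: int = 3) -> bool:
    """Defender-side rule for any proxy that must decide on a prefix: decode
    until the string stops changing, normalise, and only then compare.
    A URL still changing after max_rounds is treated as hostile and rejected."""
    cur = raw
    for _ in range(max_rounds):
        nxt = unquote(cur)
        if nxt == cur:
            break
        cur = nxt
    else:
        return False
    return is_mounted(posixpath.normpath(cur))
```

With the single-encoded request both orderings serve the same file; with a double-encoded `..` the vulnerable ordering resolves to a path outside the mounted context while the fixed ordering stays inside it, and `hardened_check` rejects the request outright.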
Original Source
Url : https://rhn.redhat.com/errata/RHSA-2007-0380.html |
CWE : Common Weakness Enumeration
% | Id | Name |
---|---|---|
100 % | CWE-22 | Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') (CWE/SANS Top 25) |
OVAL Definitions
Definition Id: oval:org.mitre.oval:def:18548 | |||
Oval ID: | oval:org.mitre.oval:def:18548 | ||
Title: | DSA-1312-1 libapache-mod-jk | ||
Description: | It was discovered that the Apache 1.3 connector for the Tomcat Java servlet engine decoded request URLs multiple times, which can lead to information disclosure. | ||
Family: | unix | Class: | patch |
Reference(s): | DSA-1312-1 CVE-2007-1860 | Version: | 5 |
Platform(s): | Debian GNU/Linux 4.0 | Product(s): | libapache-mod-jk |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:6002 | |||
Oval ID: | oval:org.mitre.oval:def:6002 | ||
Title: | HP-UX running Apache, Remote Arbitrary Code Execution, Cross Site Scripting (XSS) | ||
Description: | mod_jk in Apache Tomcat JK Web Server Connector 1.2.x before 1.2.23 decodes request URLs within the Apache HTTP Server before passing the URL to Tomcat, which allows remote attackers to access protected pages via a crafted prefix JkMount, possibly involving double-encoded .. (dot dot) sequences and directory traversal, a related issue to CVE-2007-0450. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2007-1860 | Version: | 9 |
Platform(s): | HP-UX 11 | Product(s): | |
Definition Synopsis: | |||
CPE : Common Platform Enumeration
Type | Description | Count |
---|---|---|
Application | | 2 |
OpenVAS Exploits
Date | Description |
---|---|
2009-10-10 | Name : SLES9: Security update for Tomcat File : nvt/sles9p5021793.nasl |
2009-05-05 | Name : HP-UX Update for Apache HPSBUX02262 File : nvt/gb_hp_ux_HPSBUX02262.nasl |
2008-09-24 | Name : Gentoo Security Advisory GLSA 200708-15 (mod_jk) File : nvt/glsa_200708_15.nasl |
2008-09-04 | Name : FreeBSD Ports: mod_jk File : nvt/freebsd_mod_jk.nasl |
2008-01-17 | Name : Debian Security Advisory DSA 1312-1 (libapache-mod-jk) File : nvt/deb_1312_1.nasl |
Open Source Vulnerability Database (OSVDB)
Id | Description |
---|---|
34877 | Apache Tomcat JK Web Server Connector (mod_jk) Double Encoded Traversal Arbit... Apache Tomcat JK Web Server Connector contains a flaw that allows a remote attacker to access files on the AJP back-end outside of the web root. The issue is due to a failure of handling double encoded ".." in a URL, specifically directory traversal style attacks. |
Nessus® Vulnerability Scanner
Date | Description |
---|---|
2010-01-10 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2008-0261.nasl - Type : ACT_GATHER_INFO |
2010-01-10 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2008-0524.nasl - Type : ACT_GATHER_INFO |
2009-09-24 | Name : The remote SuSE 9 host is missing a security-related patch. File : suse9_12078.nasl - Type : ACT_GATHER_INFO |
2008-03-04 | Name : The remote openSUSE host is missing a security update. File : suse_apache2-mod_jk-4997.nasl - Type : ACT_GATHER_INFO |
2008-02-29 | Name : The remote openSUSE host is missing a security update. File : suse_apache2-mod_jk-4992.nasl - Type : ACT_GATHER_INFO |
2008-02-27 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_tomcat5-4990.nasl - Type : ACT_GATHER_INFO |
2007-08-21 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-200708-15.nasl - Type : ACT_GATHER_INFO |
2007-08-02 | Name : The remote host is missing a Mac OS X update that fixes various security issues. File : macosx_SecUpd2007-007.nasl - Type : ACT_GATHER_INFO |
2007-06-21 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-1312.nasl - Type : ACT_GATHER_INFO |
2007-06-05 | Name : The remote FreeBSD host is missing one or more security-related updates. File : freebsd_pkg_d9405748134211dca35c001485ab073e.nasl - Type : ACT_GATHER_INFO |