Stack-Based Buffer Overflow in Apache Mod_jk2 by The Apache Software Foundation
CVE-2007-6258

Currently unrated

Key Information:

Vendor: Apache
Status: Mod Jk
Vendor: CVE Published:; 19 February 2008

Summary

The legacy mod_jk2 module, specifically versions 2.0.3-DEV and prior, is susceptible to multiple stack-based buffer overflow vulnerabilities. These vulnerabilities occur when the module improperly handles long Host headers or Hostnames within the Host header. Remote attackers can exploit these issues to execute arbitrary code on affected systems, leading to severe security risks.

References

http://www.securityfocus.com/archive/1/487983/100/100/thr...

mailing-listx_refsource_BUGTRAQ

http://www.vupen.com/english/advisories/2008/0572

vdb-entryx_refsource_VUPEN

http://www.securityfocus.com/bid/27752

vdb-entryx_refsource_BID

EPSS Score

33% chance of being exploited in the next 30 days.

Timeline

Vulnerability published
Feb 19, 2008
Vulnerability Reserved
Dec 5, 2007