CVE-2007-1860 – mod_jk sends decoded URL to tomcat
https://notcve.org/view.php?id=CVE-2007-1860
mod_jk in Apache Tomcat JK Web Server Connector 1.2.x before 1.2.23 decodes request URLs within the Apache HTTP Server before passing the URL to Tomcat, which allows remote attackers to access protected pages via a crafted prefix JkMount, possibly involving double-encoded .. (dot dot) sequences and directory traversal, a related issue to CVE-2007-0450. El componente mod_jk en Apache Tomcat JK Web Server Connector versión 1.2. x anterior a 1.2.23, descodifica las URL de petición dentro del servidor Apache HTTP antes de pasar la URL a Tomcat, lo que permite a los atacantes remotos acceder a páginas protegidas por medio de un JkMount prefijado y creado, posiblemente involucrando secuencias double-encoded.. (punto punto) y el salto de directorio (directory traversal), un problema relacionado a CVE-2007-0450. • http://docs.info.apple.com/article.html?artnum=306172 http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01178795 http://lists.apple.com/archives/security-announce//2007/Jul/msg00004.html http://lists.opensuse.org/opensuse-security-announce/2008-03/msg00001.html http://secunia.com/advisories/25383 http://secunia.com/advisories/25701 http://secunia.com/advisories/26235 http://secunia.com/advisories/26512 http://secunia.com/advisories/27037 http://secunia.com/advisorie • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVE-2007-0774 – Apache Tomcat JK Web Server Connector Long URL Stack Overflow Vulnerability
https://notcve.org/view.php?id=CVE-2007-0774
Stack-based buffer overflow in the map_uri_to_worker function (native/common/jk_uri_worker_map.c) in mod_jk.so for Apache Tomcat JK Web Server Connector 1.2.19 and 1.2.20, as used in Tomcat 4.1.34 and 5.5.20, allows remote attackers to execute arbitrary code via a long URL that triggers the overflow in a URI worker map routine. Desbordamiento de búfer basado en pila en la función map_uri_to_worker (native/common/jk_uri_worker_map.c) en mod_jk.so para Apache Tomcat JK Web Server Connector 1.2.19 y 1.2.20, tal y como se usa en Tomcat 4.1.34 y 5.5.20, permite a atacantes remotos ejecutar código de su elección a través de una URL que dispara el desbordamiento de búfer en una rutina del mapa del trabajador URI. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apache Tomcat JK Web Server Connector. Authentication is not required to exploit this vulnerability. The specific flaw exists in the URI handler for the mod_jk.so library, map_uri_to_worker(), defined in native/common/jk_uri_worker_map.c. When parsing a long URL request, the URI worker map routine performs an unsafe memory copy. • https://www.exploit-db.com/exploits/4162 https://www.exploit-db.com/exploits/16798 http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01178795 http://secunia.com/advisories/24398 http://secunia.com/advisories/24558 http://secunia.com/advisories/27037 http://secunia.com/advisories/28711 http://securitytracker.com/id?1017719 http://tomcat.apache.org/connectors-doc/miscellaneous/changelog.html http://tomcat.apache.org/security-jk.html http://www.cisco.com/en/US& •