Signature Detail
Short Name |
HTTP:WEBSRV-BO-4096 |
|---|---|
Severity |
High |
Recommended |
No |
Category |
HTTP |
Keywords |
Multiple Web Servers 4096 Byte Length URL Buffer Overflow |
Release Date |
2010/03/19 |
Update Number |
1635 |
Supported Platforms |
idp-4.0.110090709+, isg-3.1.134269+, j-series-9.5+, mx-9.4+, srx-9.2+, srx-branch-9.4+, vsrx-12.1+ |
HTTP: Multiple Web Servers 4096 Byte Length URL Buffer Overflow
This signature detects attempts to exploit a known vulnerability in several popular Web servers, including but not limited to, Apache Tomcat Connector (mod_jk). A successful attack can lead to a buffer overflow and arbitrary remote code execution within the context of the server.
Extended Description
Apache Tomcat is prone to a vulnerability that will allow remote attackers to execute arbitrary code on an affected computer. A successful attack may result in a complete compromise.
Affected Products
- Apache Software Foundation mod_jk 1.2.19
- Apache Software Foundation mod_jk 1.2.20
- Apache Software Foundation Tomcat 4.1.34
- Apache Software Foundation Tomcat 5.5.20
- Cisco Wireless Control System 4.1.91.0
- Cisco Wireless Control System 4.2
- Cisco Wireless Control System
- Cisco Wireless Control System for Linux
- Cisco Wireless Control System for Windows
- Cisco Wireless Control System Software 3.2
- Cisco Wireless Control System Software 4.0.0
- Cisco Wireless Control System Software 4.0.95
- Cisco Wireless Control System Software 4.0.96
- Cisco Wireless Control System Software 4.1
- Gentoo Linux
- HP HP-UX B.11.11
- HP HP-UX B.11.23
- HP HP-UX B.11.31
References
- BugTraq: 18647
- BugTraq: 22791
- BugTraq: 12592
- BugTraq: 27752
- CVE: CVE-2006-3252
- CVE: CVE-2007-0774
- CVE: CVE-2005-0478