Security Issues with mod_jk/Tomcat

Axton Sun, 08 Jul 2007 15:53:40 -0700

fyi, if you are using mod_jk 1.2.20 or earlier or Tomcat 5.5.20 or earlier.


http://www.securityfocus.com/bid/22791

Quoted from "http://www.milw0rm.com/exploits/4162":
** Advanced exploitation in exec-shield (Fedora Core case study)
** URL: http://x82.inetcop.org/h0me/papers/FC_exploit/FC_exploit.txt
**
** Reference: http://www.securityfocus.com/bid/22791
** vendor: http://tomcat.apache.org/
**
** eliteboy's exploit (SUSE, Debian, FreeBSD):
** http://www.milw0rm.com/exploits/4093
**
** Nicob <nicob[at]nicob.net>'s exploit (Win32):
** 
http://downloads.securityfocus.com/vulnerabilities/exploits/apache_modjk_overflow.rb
**
** --
** exploit by "you dong-hun"(Xpl017Elz), <[EMAIL PROTECTED]>.
** My World: http://x82.inetcop.org

Axton Grams

_______________________________________________________________________________
UNSUBSCRIBE or access ARSlist Archives at www.arslist.org ARSlist:"Where the Answers 
Are"

Security Issues with mod_jk/Tomcat

Reply via email to