mod_jk Chunked Encoding DoS (deprecated)

Nessus Network Monitor Plugin ID 1571 (severity: high)

Synopsis

The remote host is using a version of the Apache mod_jk module that is older than 1.2.1.

Description

The remote host is using a version of the Apache mod_jk module that is older than 1.2.1. A bug in this version may allow an attacker to use chunked encoding requests to desynchronize Apache and Tomcat, preventing this host from working properly.

Solution

Upgrade to mod_jk 1.2.1 or higher.

See Also

http://archives.neohapsis.com/archives/bugtraq/2002-12/0045.html

Plugin Details

Severity: High

ID: 1571

Family: Web Servers

Published: 8/20/2004

Updated: 9/16/2018

Nessus ID: 11519

Risk Information

VPR

Risk Factor: Low

Score: 3.5

CVSS v2

Risk Factor: High

Base Score: 7.8

Temporal Score: 6.4

Vector: CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C

Reference Information

CVE: CVE-2002-2272

BID: 6320