Lucene search
RedHatRHSA-2009:1087HistoryJun 09, 2009 - 12:00 a.m.
(RHSA-2009:1087) Important: mod_jk security update
2009-06-0900:00:00
access.redhat.com
17
0.002 Low
EPSS
Percentile
54.3%
mod_jk is an Apache Tomcat connector that allows Apache Tomcat and the
Apache HTTP Server to communicate with each other.
An information disclosure flaw was found in mod_jk. In certain situations,
if a faulty client set the βContent-Lengthβ header without providing data,
or if a user sent repeated requests very quickly, one user may view a
response intended for another user. (CVE-2008-5519)
All mod_jk users are advised to upgrade to these updated packages. They
provide mod_jk 1.2.28, which is not vulnerable to this issue.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| RedHat | any | ppc | mod_jk-ap20 | <Β 1.2.28-1jpp_3rh | mod_jk-ap20-1.2.28-1jpp_3rh.ppc.rpm |
| RedHat | any | i386 | mod_jk-manual | <Β 1.2.28-1jpp_3rh | mod_jk-manual-1.2.28-1jpp_3rh.i386.rpm |
| RedHat | any | i386 | mod_jk-ap20 | <Β 1.2.28-1jpp_3rh | mod_jk-ap20-1.2.28-1jpp_3rh.i386.rpm |
| RedHat | any | x86_64 | mod_jk-manual | <Β 1.2.28-1jpp_3rh | mod_jk-manual-1.2.28-1jpp_3rh.x86_64.rpm |
| RedHat | any | ppc | mod_jk-manual | <Β 1.2.28-1jpp_3rh | mod_jk-manual-1.2.28-1jpp_3rh.ppc.rpm |
| RedHat | any | ia64 | mod_jk-manual | <Β 1.2.28-1jpp_3rh | mod_jk-manual-1.2.28-1jpp_3rh.ia64.rpm |
| RedHat | any | x86_64 | mod_jk-ap20 | <Β 1.2.28-1jpp_3rh | mod_jk-ap20-1.2.28-1jpp_3rh.x86_64.rpm |
| RedHat | any | ia64 | mod_jk-ap20 | <Β 1.2.28-1jpp_3rh | mod_jk-ap20-1.2.28-1jpp_3rh.ia64.rpm |
Related
openvas
openvas
Apache Tomcat JK Connector (mod_jk) 1.2.0 - 1.2.26 Information Disclosure Vulnerability
2009-04-17 00:00:00
Solaris Update for tomcat security 114017-05
2009-10-13 00:00:00
Solaris Update for tomcat security 114017-04
2009-09-23 00:00:00
tomcat
tomcat
Fixed in Apache Tomcat JK Connector 1.2.27
2008-12-12 00:00:00
seebug
seebug
Apache Tomcat mod_jk Content-Length倴俑ζ―ζ³ι²ζΌζ΄
2009-04-10 00:00:00
nessus
nessus
openSUSE 10 Security Update : apache2-mod_jk (apache2-mod_jk-6599)
2009-11-05 00:00:00
Debian DSA-1810-1 : libapache-mod-jk - information disclosure
2009-06-03 00:00:00
RHEL 4 : mod_jk in Satellite Server (RHSA-2009:1618)
2010-01-10 00:00:00
redhat
redhat
(RHSA-2009:0446) Important: mod_jk security update
2009-04-23 00:00:00
nvd
nvd
CVE-2008-5519
2009-04-09 15:08:35
gentoo
gentoo
Apache Tomcat JK Connector: Information disclosure
2009-06-29 00:00:00
securityvulns
securityvulns
[SECURITY] CVE-2008-5519: Apache Tomcat mod_jk information disclosure vulnerability
2009-04-08 00:00:00
Apache mod_jk information leak
2009-04-08 00:00:00
cve
cve
CVE-2008-5519
2009-04-09 15:08:35
debian
debian
ubuntucve
ubuntucve
CVE-2008-5519
2009-04-09 00:00:00
cvelist
cvelist
CVE-2008-5519
2009-04-09 15:00:00
veracode
veracode
Information Disclosure
2020-04-10 00:31:35
prion
prion
Design/Logic Flaw
2009-04-09 15:08:00
debiancve
debiancve
CVE-2008-5519
2009-04-09 15:08:35
ibm
ibm