In association with heise online

05 March 2007, 12:17

Buffer overflow in Tomcat Java web server

  • Twitter
  • Facebook
  • submit to slashdot
  • StumbleUpon
  • submit to reddit

The Apache Foundation has fixed a critical vulnerability in the latest version of its Tomcat server implementation of Java servlets and JavaServer Pages. The vulnerability could be used by an attacker to gain control of the server.

The vulnerability is located in the Tomcat JK Web Server Connecter in the URI handler for the library in the map_uri_to_worker function of the jk_uri_worker_map.c module. A buffer overflow occurs when reading over-long URLs (more than 4095 bytes), which could be exploited to write code to the stack and launch it in the server context. Prior authentication is not necessary in order to exploit the bug.

According to the Zero Day Initiative, Tomcat JK Web Server Connector versions 1.2.19 and 1.2.20 included in Tomcat 4.1.34 and 5.5.20 are affected. The bug in the Connector is fixed in Tomcat 1.2.21. This version also fixes a number of other, non-security related bugs.

See also:


Print Version | Send by email | Permalink:

  • July's Community Calendar

The H Open

The H Security

The H Developer

The H Internet Toolkit