CVE-2007-6258 - Buffer Errors vulnerability in Apache Software Foundation and F5 products

Publication

2008-02-19

Last modification

2018-10-15

Summary

Multiple stack-based buffer overflows in the legacy mod_jk2 2.0.3-DEV and earlier Apache module allow remote attackers to execute arbitrary code via a long (1) Host header, or (2) Hostname within a Host header.

Description

Apache mod_jk2 is prone to multiple stack-based buffer-overflow vulnerabilities because it fails to perform adequate boundary checks on user-supplied data before copying it to insufficiently sized buffers. Successful exploits may allow attackers to execute arbitrary code in the context of a vulnerable application; failed attempts will likely cause denial-of-service conditions.Versions prior to mod_jk2 2.0.4 are vulnerable.NOTE: mod_jk2 is a legacy branch of mod_jk that is now deprecated; mod_jk is a currently supported module and is reportedly unaffected by these issues.

Solution

The vendor has released updates to address these issues. Please see the references for more information. Apache Software Foundation mod_jk2 2.0.3-DEV Apache Software Foundation jakarta-tomcat-connectors-jk2-2.0.4-src.tar.gz http://archive.apache.org/dist/jakarta/tomcat-connectors/jk2/source/ja karta-tomcat-connectors-jk2-2.0.4-src.tar.gz Apache Software Foundation mod_jk2 2.0 Apache Software Foundation jakarta-tomcat-connectors-jk2-2.0.4-src.tar.gz http://archive.apache.org/dist/jakarta/tomcat-connectors/jk2/source/ja karta-tomcat-connectors-jk2-2.0.4-src.tar.gz

Exploit

An exploit is available. /data/vulnerabilities/exploits/27752.cpp /data/vulnerabilities/exploits/27752.tar.gz

Classification

CWE-119 - Buffer Errors

Risk level (CVSS AV:N/AC:L/Au:N/C:P/I:P/A:P)

High

7.5

Access Vector

  • Network
  • Adjacent Network
  • Local

Access Complexity

  • Low
  • Medium
  • High

Authentication

  • None
  • Single
  • Multiple

Confident. Impact

  • Complete
  • Partial
  • None

Integrity Impact

  • Complete
  • Partial
  • None

Affected Products