Alerts This Week
Warning Icon 1 923
Alerts This Week
Warning Icon 1 923

Gentoo: GLSA 202308-10 Low: Nginx mod_proxy Path Escaping Vulnerability

gentoo
Calendar Grey August 20, 2007
Dist Gentoo Esm H88
Uncover a directory traversal vulnerability within Apache's mod_jk that threatens security on Gentoo environments.
A directory traversal vulnerability has been discovered in Apache mod_jk.

Summary

Gentoo Linux Security Advisory GLSA 200708-15 https://security.gentoo.org/ Severity: Low Title: Apache mod_jk: Directory traversal Date: August 19, 2007 Bugs: #186218 ID: 200708-15

Synopsis ======= A directory traversal vulnerability has been discovered in Apache mod_jk.
Background ========= Apache mod_jk is a connector for the Tomcat web server.
Affected packages ================ ------------------------------------------------------------------- Package / Vulnerable / Unaffected ------------------------------------------------------------------- 1 www-apache/mod_jk < 1.2.23 >= 1.2.23
========== Apache mod_jk decodes the URL within Apache before passing them to Tomcat, which decodes them a second time.
Impact ===== A remote attacker could browse a specially crafted URL on an Apache server running mod_jk, possib...

Read the Full Advisory

Topics%20covered

Topics Covered

security advisory gentoo access control directory traversal remote access low severity apache mod_jk

Resolution

References

Availability

style>.gentoo_availability{display:block;}

Concerns

Severity
low
Lowest
Low
Medium
High
Critical

Topics%20covered

Topics Covered

security advisory gentoo access control directory traversal remote access low severity apache mod_jk

Synopsis

Background

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Affected Packages

Impact

Workaround

Your message here