HTTP.Request.Long.URL.Buffer.Overflow

description-logoDescription

This indicates an attack attempt against a buffer-overflow vulnerability in Apache Tomcat JK Web Server Connector.
The vulnerability is caused by an error when the vulnerable software handles a specially crafted URL. It allows a remote attacker to execute arbitrary code.

affected-products-logoAffected Products

Apache Software Foundation Tomcat 5.5.20
Apache Software Foundation Tomcat 4.1.34
Apache Software Foundation mod_jk 1.2.20
Apache Software Foundation mod_jk 1.2.19

Impact logoImpact

System compromise: Remote attackers can gain control of vulnerable systems.
Denial of service

recomended-action-logoRecommended Actions

Upgrade to the latest versions:
http://tomcat.apache.org/download-connectors.cgi

Telemetry logoTelemetry

Coverage

IPS (Regular DB)
IPS (Extended DB)