Intrusion Prevention

HTTP.Request.Long.URL.Buffer.Overflow

Description

This indicates an attack attempt against a buffer-overflow vulnerability in Apache Tomcat JK Web Server Connector.
The vulnerability is caused by an error when the vulnerable software handles a specially crafted URL. It allows a remote attacker to execute arbitrary code.

Affected Products

Apache Software Foundation Tomcat 5.5.20
Apache Software Foundation Tomcat 4.1.34
Apache Software Foundation mod_jk 1.2.20
Apache Software Foundation mod_jk 1.2.19

Impact

System compromise: Remote attackers can gain control of vulnerable systems.
Denial of service

Recommended Actions

Upgrade to the latest versions:
http://tomcat.apache.org/download-connectors.cgi