info
discussion
exploit
solution
references
Apache Tomcat JK Connector Double Encoding Security Bypass Vulnerability
References:
Apache Tomcat Connector Homepage
(Apache Software Foundation)
Apache Tomcat Homepage
(Apache)
RHSA-2007:0379-4 - mod_jk security update
(RedHat)
RHSA-2007:0380-01 - mod_jk security update
(RedHat)
HPSBUX02262 SSRT071447 rev. 1
(Hewlett-Packard)
ASA-2008-054 mod_jk vulnerability may lead to information disclosure
(Avaya)
Fixed in Apache Tomcat JK Connector 1.2.23
(Apache Software Foundation)
RHSA-2008:0261-4 Moderate: Red Hat Network Satellite Server security update
(Red Hat)
Privacy Statement
Copyright 2010, SecurityFocus
