This script is Copyright (C) 2010-2015 Tenable Network Security, Inc.
The remote web server is prone to an information disclosure attack.
Based on the Server response header, the installation of the JK
Connector (mod_jk) in Apache Tomcat listening on the remote host is
version 1.2.x prior to 1.2.27. It is, therefore, affected by an
information disclosure vulnerability. A remote attacker can view the
response associated with a different user's request, either by sending
a request with a Content-Length without data or by sending repeated
requests very quickly.
Note that Nessus has not tested for this issue but has instead relied
only on the application's self-reported version number.
See also :
Upgrade to mod_jk version 1.2.27 or later.
Risk factor :
Low / CVSS Base Score : 2.6
CVSS Temporal Score : 2.1
Public Exploit Available : true
Family: Web Servers
Nessus Plugin ID: 46885 ()
Bugtraq ID: 34412
CVE ID: CVE-2008-5519
The cookie settings on this website are set to 'allow all cookies' to give you the very best website experience. If you continue without changing these settings, you consent to this - but if you want, you can opt out of all cookies by clicking below.