This script is Copyright (C) 2010-2016 Tenable Network Security, Inc.
The remote web server is prone to an information disclosure attack.
Based on the Server response header, the installation of the JK
Connector (mod_jk) in Apache Tomcat listening on the remote host is
version 1.2.x prior to 1.2.27. It is, therefore, affected by an
information disclosure vulnerability. A remote attacker can view the
response associated with a different user's request, either by sending
a request with a Content-Length without data or by sending repeated
requests very quickly.
Note that Nessus has not tested for this issue but has instead relied
only on the application's self-reported version number.
See also :
Upgrade to mod_jk version 1.2.27 or later.
Risk factor :
Low / CVSS Base Score : 2.6
CVSS Temporal Score : 2.3
Public Exploit Available : false