Apache Tomcat mod_jk Invalid Transfer-Encoding Chunked Field DoS
Medium Nessus Plugin ID 11519
SynopsisThe remote web server module has a denial of service vulnerability.
DescriptionAccording to the banner, the remote host is using a vulnerable version of the Apache mod_jk module. Such versions have a bug that could allow a remote attacker to use chunked encoding requests to desynchronize Apache and Tomcat, and therefore prevent the remote web server from working properly.
SolutionUpgrade to mod_jk 1.2.1 or later.