Apache mod_jk2 Host Header Multiple Fields Remote Overflow

High Nessus Plugin ID 31786


The remote host is affected by multiple buffer overflow vulnerabilities.


The remote host is running Apache web server with mod_jk2, a connector that connects a web server such as Apache web server.

According to its banner, the version of mod_jk2 installed on the remote host is affected by multiple buffer overflow vulnerabilities. An attacker may be able to exploit these vulnerabilities to cause a denial of service condition or execute arbitrary code subject to the privileges of the user running the Apache process.


Upgrade to mod_jk2 2.0.4 or higher.

See Also



Plugin Details

Severity: High

ID: 31786

File Name: mod_jk2_buffer_overflow_vulnerabilities.nasl

Version: $Revision: 1.15 $

Type: remote

Family: Web Servers

Published: 2008/04/04

Modified: 2018/01/22

Dependencies: 48204

Risk Information

Risk Factor: High


Base Score: 7.5

Temporal Score: 6.2

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P

Temporal Vector: CVSS2#E:F/RL:OF/RC:C


Base Score: 7.3

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

Vulnerability Information

Required KB Items: installed_sw/Apache

Exploit Available: true

Exploit Ease: Exploits are available

Reference Information

CVE: CVE-2007-6258

BID: 27752

OSVDB: 43189

EDB-ID: 5330

CWE: 119