Facebook Google Plus Twitter LinkedIn YouTube RSS Menu Search Resource - BlogResource - WebinarResource - ReportResource - Eventicons_066 icons_067icons_068icons_069icons_070

mod_jk Chunked Encoding DoS (deprecated)

High

Synopsis

The remote host is using a version of the Apache mod_jk module which is older than 1.2.1.

Description

The remote host is using a version of the Apache mod_jk module which is older than 1.2.1. There is a bug in this version which may allow an attacker to use chunked encoding requests to desynchronize Apache and Tomcat and therefore prevent this host from working properly.

Solution

Upgrade to mod_jk 1.2.1 or higher.