Intrusion Prevention



This indicates an attack attempt against a buffer-overflow vulnerability in Apache Tomcat JK Web Server Connector.
The vulnerability is caused by an error when the vulnerable software handles a specially crafted URL. It allows a remote attacker to execute arbitrary code.

Affected Products

Apache Software Foundation Tomcat 5.5.20
Apache Software Foundation Tomcat 4.1.34
Apache Software Foundation mod_jk 1.2.20
Apache Software Foundation mod_jk 1.2.19


System compromise: Remote attackers can gain control of vulnerable systems.
Denial of service

Recommended Actions

Upgrade to the latest versions: