DSA-1810 libapache-mod-jk -- information disclosureID: oval:org.mitre.oval:def:7824 | Date: (C)2009-12-15 (M)2023-02-20 |
Class: PATCH | Family: unix |
An information disclosure flaw was found in mod_jk, the Tomcat Connector module for Apache. If a buggy client included the "Content-Length" header without providing request body data, or if a client sent repeated requests very quickly, one client could obtain a response intended for another client. The oldstable distribution (etch), this problem has been fixed in version 1:1.2.18-3etch2.
Platform: |
Debian 5.0 |
Debian 4.0 |