- 漏洞ID:1145555
- 漏洞类型:缓冲区错误
- 发布日期:2016-10-12
- 更新时间:2019-04-16
- CVE编号:CVE-2016-6808
- CNNVD-ID:CNNVD-201610-074
- 漏洞平台:N/A
- CVSS评分:7.5
<a href="https://cxsecurity.com/issue/WLB-2016100102" target="_blank">https://cxsecurity.com/issue/WLB-2016100102</a><br/> <a href="http://www.cnnvd.org.cn/web/xxk/ldxqById.tag?CNNVD=CNNVD-201610-074" target="_blank">http://www.cnnvd.org.cn/web/xxk/ldxqById.tag?CNNVD=CNNVD-201610-074</a><br/>
Apache Tomcat Connectors(又名mod_jk)是美国阿帕奇(Apache)软件基金会的一款为Apache或IIS提供连接后台Tomcat的模块,它支持集群和负载均衡等。Apache Tomcat Connectors 1.2.42之前的版本中存在缓冲区溢出漏洞。攻击者可利用该漏洞执行任意代码或造成拒绝服务。
来源:securitytracker.com
链接:http://securitytracker.com/id/1036969
来源:MISC
链接:http://packetstormsecurity.com/files/139071/Apache-Tomcat-JK-ISAPI-Connector-1.2.41-Buffer-Overflow.html
来源:REDHAT
链接:http://rhn.redhat.com/errata/RHSA-2016-2957.html
来源:FULLDISC
链接:http://seclists.org/fulldisclosure/2016/Oct/44
来源:CONFIRM
链接:http://tomcat.apache.org/security-jk.html
来源:MLIST
链接:http://www.openwall.com/lists/oss-security/2016/10/06/4
来源:BID
链接:http://www.securityfocus.com/bid/93429
来源:REDHAT
链接:https://access.redhat.com/errata/RHSA-2017:0193
来源:REDHAT
链接:https://access.redhat.com/errata/RHSA-2017:0194