Back to search
CVE-2008-5519
Published: Apr 9, 2009
Modified: Aug 7, 2024
PUBLISHED
Description
The JK Connector (aka mod_jk) 1.2.0 through 1.2.26 in Apache Tomcat allows remote attackers to obtain sensitive information via an arbitrary request from an HTTP client, in opportunistic circumstances involving (1) a request from a different client that included a Content-Length header but no POST data or (2) a rapid series of requests, related to noncompliance with the AJP protocol's requirements for requests containing Content-Length headers.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
ADV-2009-0973
vdb-entry
x_refsource_VUPEN
http://tomcat.apache.org/connectors-doc/miscellaneous/changelog.html
x_refsource_CONFIRM
34621
third-party-advisory
x_refsource_SECUNIA
SUSE-SR:2009:018
vendor-advisory
x_refsource_SUSE
1022001
vdb-entry
x_refsource_SECTRACK
34412
vdb-entry
x_refsource_BID
[oss-security] 20090408 CVE-2008-5519: mod_jk session information leak vulnerability
mailing-list
x_refsource_MLIST
RHSA-2009:0446
vendor-advisory
x_refsource_REDHAT
[www-announce] 20090407 [SECURITY] CVE-2008-5519: Apache Tomcat mod_jk information disclosure vulnerability
mailing-list
x_refsource_MLIST
http://svn.eu.apache.org/viewvc?view=rev&revision=702540
x_refsource_CONFIRM
[tomcat-dev] 20090407 [SECURITY] CVE-2008-5519: Apache Tomcat mod_jk information disclosure vulnerability
mailing-list
x_refsource_MLIST
20090407 [SECURITY] CVE-2008-5519: Apache Tomcat mod_jk information disclosure vulnerability
mailing-list
x_refsource_BUGTRAQ
https://bugzilla.redhat.com/show_bug.cgi?id=490201
x_refsource_CONFIRM
29283
third-party-advisory
x_refsource_SECUNIA
http://tomcat.apache.org/security-jk.html
x_refsource_CONFIRM
35537
third-party-advisory
x_refsource_SECUNIA
DSA-1810
vendor-advisory
x_refsource_DEBIAN
262468
vendor-advisory
x_refsource_SUNALERT
[tomcat-dev] 20190319 svn commit: r1855831 [26/30] - in /tomcat/site/trunk: ./ docs/ xdocs/
mailing-list
x_refsource_MLIST
[tomcat-dev] 20190325 svn commit: r1856174 [25/29] - in /tomcat/site/trunk: docs/ xdocs/ xdocs/stylesheets/
mailing-list
x_refsource_MLIST
[tomcat-dev] 20190413 svn commit: r1857494 [18/20] - in /tomcat/site/trunk: ./ docs/ xdocs/
mailing-list
x_refsource_MLIST
[tomcat-dev] 20190415 svn commit: r1857582 [20/22] - in /tomcat/site/trunk: docs/ xdocs/stylesheets/
mailing-list
x_refsource_MLIST
[tomcat-dev] 20200203 svn commit: r1873527 [26/30] - /tomcat/site/trunk/docs/
mailing-list
x_refsource_MLIST
[tomcat-dev] 20200213 svn commit: r1873980 [30/34] - /tomcat/site/trunk/docs/
mailing-list
x_refsource_MLIST
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now