The Debian Hack Shop

An information disclosure flaw was found in mod_jk, the Tomcat Connector
module for Apache. If a buggy client included the “Content-Length” header
without providing request body data, or if a client sent repeated
requests very quickly, one client could obtain a response intended for
another client.

Read the full story: DSA-1810 libapache-mod-jk – information disclosure: http://www.debian.org/security/2009/dsa-1810

Tags: Debian, DSA, Security

This entry was posted on Wednesday, June 3rd, 2009 at 8:59 pm and is filed under Debian Security. You can follow any responses to this entry through the RSS 2.0 feed. You can skip to the end and leave a response. Pinging is currently not allowed.