
Cisco Wireless Control System Apache Tomcat JK Web Server Connector Buffer Overflow Vulnerability

Last Update Date: 28 Jan 2011
Release Date: 1 Feb 2008

RISK: Medium Risk

A vulnerability has been identified in Cisco Wireless Control System (WCS) that could be exploited by remote attackers to cause a denial of service or execute arbitrary code. The issue is a buffer overflow in the mod_jk library, which occurs when the "map_uri_to_worker()" function [native/common/jk_uri_worker_map.c] processes overly long URLs. Remote attackers could exploit it to execute arbitrary commands by sending a specially crafted request to an affected server.
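
The bug class described above, shown from the defensive side as an added example (this is not code from mod_jk or Cisco WCS): a URI-to-worker lookup that copies the request URI into a fixed-size buffer only after checking its length. The buffer size, the map entries and the name `map_uri_checked` are assumptions made for illustration.

```c
#include <stdio.h>
#include <string.h>

#define URI_BUF_SIZE 4096  /* assumed buffer size, illustration only */

/* Hypothetical map entry: URI prefix -> worker name. */
struct uri_map { const char *prefix; const char *worker; };

static const struct uri_map MAP[] = {  /* constructed sample entries */
    { "/app/",    "worker1" },
    { "/status/", "status"  },
};

/*
 * Return the worker for uri, or NULL if nothing matches or the URI is
 * rejected. An unchecked copy such as strcpy(buf, uri) into a fixed-size
 * buffer is the general pattern behind this bug class; here the length is
 * verified first, so an over-long URI is refused rather than written past
 * the end of buf, and it is never silently truncated.
 */
const char *map_uri_checked(const char *uri)
{
    char buf[URI_BUF_SIZE];
    const char *end;
    char *query;
    size_t len, i;

    if (uri == NULL || uri[0] != '/')
        return NULL;
    end = memchr(uri, '\0', URI_BUF_SIZE);  /* bounded terminator search */
    if (end == NULL)                        /* URI does not fit in buf */
        return NULL;
    len = (size_t)(end - uri);
    memcpy(buf, uri, len + 1);              /* len + 1 <= URI_BUF_SIZE */

    query = strchr(buf, '?');               /* match on the path only */
    if (query != NULL)
        *query = '\0';
    for (i = 0; i < sizeof MAP / sizeof MAP[0]; i++)
        if (strncmp(buf, MAP[i].prefix, strlen(MAP[i].prefix)) == 0)
            return MAP[i].worker;
    return NULL;
}

int main(void)
{
    const char *w = map_uri_checked("/app/index.jsp");
    printf("%s\n", w ? w : "(rejected)");
    return 0;
}
```

Rejecting the request outright, rather than truncating the URI, keeps the mapping decision from being made on a different string than the one the client sent.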


Impact

  • Denial of Service
  • Remote Code Execution

System / Technologies affected

  • Cisco Wireless Control System versions 3.x
  • Cisco Wireless Control System versions 4.0.x prior to 4.0.100.0
  • Cisco Wireless Control System versions 4.1.x and 4.2.x prior to version 4.2.62.0

Solutions

Before installing the software, please visit the software manufacturer's website for more details.

Update to the latest versions.


Vulnerability Identifier


Source


Related Link