1382352 – (CVE-2016-6808) CVE-2016-6808 mod_jk: Buffer overflow when concatenating virtual host name and URI

Bug 1382352 (CVE-2016-6808) - CVE-2016-6808 mod_jk: Buffer overflow when concatenating virtual host name and URI

Summary: CVE-2016-6808 mod_jk: Buffer overflow when concatenating virtual host name an...

Keywords:
Status:	CLOSED ERRATA
Alias:	CVE-2016-6808
Product:	Security Response
Classification:	Other
Component:	vulnerability
Sub Component:
Version:	unspecified
Hardware:	All
OS:	Linux
Priority:	high
Severity:	high
Target Milestone:	---
Assignee:	Red Hat Product Security
QA Contact:
Docs Contact:
URL:
Whiteboard:
Depends On:	1384163 1462710
Blocks:	1382353 1395463 1461790
TreeView+	depends on / blocked

Reported:	2016-10-06 12:59 UTC by Adam Mariš
Modified:	2021-10-21 11:47 UTC (History)
CC List:	31 users (show)
Fixed In Version:
Clone Of:
Environment:
Last Closed:	2021-10-21 11:47:24 UTC
Embargoed:

Attachments	(Terms of Use)

Links
System	ID	Priority	Status	Summary	Last Updated
Red Hat Product Errata	RHSA-2016:2957	normal	SHIPPED_LIVE	Important: Red Hat JBoss Core Services Apache HTTP 2.4.23 Release	2016-12-16 03:11:19 UTC
Red Hat Product Errata	RHSA-2017:0193	normal	SHIPPED_LIVE	Important: Red Hat JBoss Core Services Apache HTTP Server 2.4.23 Release on RHEL 6	2017-01-26 01:05:09 UTC
Red Hat Product Errata	RHSA-2017:0194	normal	SHIPPED_LIVE	Important: Red Hat JBoss Core Services Apache HTTP Server 2.4.23 Release on RHEL 7	2017-01-26 01:04:50 UTC

Description Adam Mariš 2016-10-06 12:59:01 UTC

The IIS/ISAPI specific code implements special handling when a virtual host is present. The virtual host name and the URI are concatenated to create a virtual host mapping rule. It was found that the length checks prior to writing to the target buffer for this rule did not take account of the length of the virtual host name, creating the potential for a buffer overflow.

Upstream patch:

https://svn.apache.org/viewvc?view=revision&revision=1762057

External References:

https://tomcat.apache.org/security-jk.html#Fixed_in_Apache_Tomcat_JK_Connector_1.2.42

Comment 4 errata-xmlrpc 2016-12-15 22:12:27 UTC

This issue has been addressed in the following products:



Via RHSA-2016:2957 https://rhn.redhat.com/errata/RHSA-2016-2957.html

Comment 5 errata-xmlrpc 2017-01-25 20:06:33 UTC

This issue has been addressed in the following products:

  JBoss Core Services on RHEL 7

Via RHSA-2017:0194 https://access.redhat.com/errata/RHSA-2017:0194

Comment 6 errata-xmlrpc 2017-01-25 20:07:55 UTC

This issue has been addressed in the following products:

  JBoss Core Services on RHEL 6

Via RHSA-2017:0193 https://access.redhat.com/errata/RHSA-2017:0193

Note You need to log in before you can comment on or make changes to this bug.

bbaranow
bmaxwell
cdewolf
chazlett
csutherl
dandread
darran.lofthouse
dimitris
dosoudil
fnasser
gzaronik
huwang
jason.greene
jawilson
jboss-set
jclere
jdoyle
jondruse
jshepherd
lgao
mbabacek
mturk
myarboro
ppalaga
pslavice
rnetuka
rstancel
rsvoboda
twalsh
vtunka
weli