Hi, I wrote "exploited some well-known vulnerability in mod_proxy", not mod_jk.
This one:

*moderate:* *mod_proxy denial of service* CVE-2014-0117 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0117>

A flaw was found in mod_proxy in httpd versions 2.4.6 to 2.4.9. A remote attacker could send a carefully crafted request to a server configured as a reverse proxy, and cause the child process to crash. This could lead to a denial of service against a threaded MPM.

We have updated Apache and this module, but they exploited it again with the newest version (sorry, no time to investigate this).

We switched to mod_jk but they exploited it too; the rest you can read on the list.

Anyway, we have configured Apache to mitigate this kind of attack (whatever flavor it is).

Best,
Artur

2016-11-28 20:11 GMT+01:00 Christopher Schultz <ch...@christopherschultz.net>:

> Jaaz,
>
> On 11/27/16 1:03 PM, Jaaz Portal wrote:
> > Then they exploited some well-known vulnerability in mod_proxy. We
> > have updated Apache to the latest but again they have exploited it,
> > so we have switched to mod_jk. And then guess what. They exploited
> > it too, so I decided to write to this list looking for help before
> > trying Jetty.
>
> I'm unaware of any vulnerabilities in mod_jk, "well-known" or
> otherwise. What vulnerability are you talking about?
>
> Note that switching to Jetty won't solve anything if you think the
> "well-known vulnerability" is in mod_jk.
>
> -chris