CVE-2007-6258

mod_jk2 < 2.0.3-DEV - Remote Code Execution via Long Host Header

Title source: manual
STIX 2.1

Exploitation Summary

EIP tracks 2 public exploits for CVE-2007-6258. PoCs published by INetCop Security, Heretic2.

AI-analyzed exploit summary This exploit targets a remote buffer overflow in Apache Tomcat Connector jk2-2.0.2 (mod_jk2) on Fedora Core 6,7,8 with exec-shield. It sends a crafted payload to achieve remote code execution, demonstrated by spawning a reverse shell.

Description

Multiple stack-based buffer overflows in the legacy mod_jk2 2.0.3-DEV and earlier Apache module allow remote attackers to execute arbitrary code via a long (1) Host header, or (2) Hostname within a Host header.

Exploits (2)

exploitdb WORKING POC VERIFIED
by INetCop Security · textremotelinux
https://www.exploit-db.com/exploits/5386

This exploit targets a remote buffer overflow in Apache Tomcat Connector jk2-2.0.2 (mod_jk2) on Fedora Core 6,7,8 with exec-shield. It sends a crafted payload to achieve remote code execution, demonstrated by spawning a reverse shell.

Classification
Working Poc 95%
Attack Type
Rce
Complexity
Moderate
Reliability
Reliable
Target: Apache Tomcat Connector jk2-2.0.2 (mod_jk2)
No auth needed
Prerequisites: Network access to the target · Target running vulnerable mod_jk2 version · Fedora Core 6,7,8 with exec-shield
devstral-2 · analyzed Feb 16, 2026 Full analysis →
exploitdb WORKING POC VERIFIED
by Heretic2 · cremotewindows_x86
https://www.exploit-db.com/exploits/5330

This exploit targets a buffer overflow vulnerability in mod_jk2 v2.0.2 for Apache 2.0 Win32. It uses a non-alpha encoder to bypass the downcasing of the Host header and delivers a bind shell payload on port 9999.

Classification
Working Poc 95%
Attack Type
Rce
Complexity
Moderate
Reliability
Reliable
Target: mod_jk2 v2.0.2 for Apache 2.0 Win32
No auth needed
Prerequisites: Network access to the target Apache server · mod_jk2 v2.0.2 installed on the target
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (9)

Core 9
Core References
Third Party Advisory, VDB Entry mailing-list x_refsource_bugtraq
http://www.securityfocus.com/archive/1/487983/100/100/threaded
URL Repurposed vdb-entry x_refsource_vupen
http://www.vupen.com/english/advisories/2008/0572
Patch, Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/27752
Third Party Advisory x_refsource_misc
http://www.ioactive.com/pdfs/mod_jk2.pdf
Third Party Advisory, VDB Entry exploit x_refsource_exploit-db
https://www.exploit-db.com/exploits/5330
Broken Link third-party-advisory x_refsource_sreason
http://securityreason.com/securityalert/3661
Patch, Third Party Advisory, US Government Resource third-party-advisory x_refsource_cert-vn
http://www.kb.cert.org/vuls/id/771937
Third Party Advisory, VDB Entry exploit x_refsource_exploit-db
https://www.exploit-db.com/exploits/5386

Scores

EPSS 0.4085
EPSS Percentile 98.5%

Details

CWE
CWE-119
Status published
Products (5)
apache/mod_jk 2.0
apache/mod_jk 2.0.1
apache/mod_jk 2.0.2
apache/mod_jk 2.0.3_dev
f5/big-ip 9.2.3.30
Published Feb 19, 2008
Tracked Since Feb 18, 2026