This host is running Apache Tomcat with mod_jk Module and is prone to Information Disclosure vulnerability.
This issue can be exploited to disclose response data associated with the request of a different user via specially crafted HTTP requests and to gain sensitive information about the remote host. Impact Level: Application
Upgrade to mod_jk 1.2.27 or later. http://svn.eu.apache.org/viewvc?view=rev&revision=702540
This flaw is due to - an error when handling empty POST requests with a non-zero 'Content-Length' header. - an error while handling multiple noncompliant AJP protocol related requests.
Apache Tomcat mod_jk version 1.2.0 to 1.2.26