IL PROTECTED]]
> Sent: Thursday, April 05, 2001 10:05 AM
> To: [EMAIL PROTECTED]
> Subject: RE: TC3.2.x and security problems
>
>
> Here's an update. I've installed JDK1.3.0 and JDK1.3.1-beta and
> tested the
> following URLs.
>
> All the tests were run on Win2000
Here's an update. I've installed JDK1.3.0 and JDK1.3.1-beta and tested the
following URLs.
All the tests were run on Win2000 using Tomcat 3.2.2b2. The only difference
between these runs was the value of the JAVA_HOME environment variable.
The security problems I could duplicate *only* occurred
t; From: Stephan Seyboth [mailto:[EMAIL PROTECTED]]
> Sent: Wednesday, April 04, 2001 9:08 AM
> To: [EMAIL PROTECTED]
> Subject: Re: TC3.2.x and security problems
>
[...]
>
> $ telnet localhost 8080
> Trying 127.0.0.1...
> Connected to localhost.
> Escape character is '
>I can't reproduce that one, but could verify the following problems
>on Linux:
>
>$ telnet localhost 8080
>Trying 127.0.0.1...
>Connected to localhost.
>Escape character is '^]'.
>GET /examples/jsp/num/numguess.jsp
>HTTP/1.0 200 OK
>Content-Type: text/plain
>Content-Length: 1237
>Last-Modified: T
On Wed, Apr 04, 2001 at 08:35:11AM -0500, Marc Saegesser wrote:
> Has anyone on tomcat-dev been able to reproduce these problems using Tomcat
> 3.2.x? I've been trying to reproduce the error using 3.2.1, 3.2.2b2 and
> even 3.1.1. So far I always get a 404. I've never been able to get
> director
