FYI that's MOST vulnerability scanners. Most of them do not have privileged
access nor the database of ubuntu patch info in them so report solely on the
exposed version number and thats it. It leads to a lot of false positives and
then questions like these. ;)
Sent from my Galaxy
--
This is exactly what I was looking for. The vulnerability was addressed in
v9.0.31 of the package. Nessus must look at the apache tomcat version and not
take into consideration
Thanks for your very helpful info. Much appreciated.
Thank you,
Brad Turnbough
Senior Technology Analyst
P: 30
