Laura McCord wrote:
> So, since we are using Tomcat as a standalone then this would apply, right?
On standalone Tomcat this is not an issue since there is no proxy.
Mark
-
To start a new topic, e-mail: users@tomcat.apache.org
T
oh ok.
thanks ;)
Rui Monteiro wrote:
>
>
> Laura,
>
> It's true that there's a problem with double negative phrases.
> So to be more explict. As far as I can read from the report you showed
> the problem WOULD NOT EXIST ON STANDALONE TOMCAT.
> You can go without upgrade at least on basis of this
Laura,
It's true that there's a problem with double negative phrases.
So to be more explict. As far as I can read from the report you showed
the problem WOULD NOT EXIST ON STANDALONE TOMCAT.
You can go without upgrade at least on basis of this specific security hole.
Laura McCord escribió:
I tried to replicate the vulnerability on my site, but I couldn't
really traverse the directory tree in the way they've indicated, so I
can't really confirm whether there's a vulnerability or not.
-Rashmi
On 4/10/07, Laura McCord <[EMAIL PROTECTED]> wrote:
However, we do have another
installati
I have multiple installations of Tomcat on various servers. One in
particular is our portal server that does not have the tomcat manager
accessible so it should be fine. However, we do have another
installation on a different server that an administrator uses to
upload/modify existing web applicati
You may want to double-check with the people who wrote the report,
just to be sure.
I have a small site hosted on Tomcat 5.5.9 and I think the host
provider is using Apache connector --- my site often crashes and shuts
down and I sometimes see the directory structure. But it might not be
because
So, since we are using Tomcat as a standalone then this would apply, right?
Thanks,
Laura
Rui Monteiro wrote:
> And just in case! It desn't seem to apply in case you don't have
> Apache Server + Apache Tomcat through connector.
>
> Mensaje original
>
> Supposing the security
And just in case! It desn't seem to apply in case you don't have Apache
Server + Apache Tomcat through connector.
Mensaje original
Supposing the security vulnerability to be true as it seems (but i
didn't check) means first of all that if you don't have the Tomcat
Manager Ap