Re: Apache/Tomcat vulnerability

Mon, 28 Nov 2016 11:12:31 -0800 

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Jaaz,

On 11/27/16 1:03 PM, Jaaz Portal wrote:
> Then they exploited some well know vulnerability in mod_proxy. We
> have updated apache to the latest but again they has exploited it,
> so we have switched to mod_jk. And then guess what. They exploited
> it too so i decided to write to this list looking for help before
> trying jetty.

I'm unaware of any vulnerabilities in mod_jk, "well-known" or
otherwise. What vulnerability are you talking about?

Note that switching to Jetty won't solve anything if you think the
"well-known vulnerability" is in mod_jk.

- -chris
-----BEGIN PGP SIGNATURE-----
Comment: GPGTools - http://gpgtools.org
Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/

iQIcBAEBCAAGBQJYPIFQAAoJEBzwKT+lPKRYUPkP/iV5vbBj/v3bDe4Yp9qHO0dA
5p740/FRYFicM6fZf+SZ8dqsnPKZ30Ij6PTFfwNRFkGHiszErY1RZ94s3ZdXYJRF
QxNiSvToQq750ujwkDL4iZv8h4Ash0TRA/E6e0SvZ9W5yjT/FBSfxsSKe8uixN43
6xcXaJcTuipjoyNHnVlUFkZFcmMykg7hktcMeaGp9OI2j/4x+OkkWsTjxvEucDXx
9ediRNaldrnU+bvmMTKnI9FZSHmxg1hzkpky3gNOv+CF7gOCLo8/ixj8ZELb+Lwt
AREr30gtBdupfmGLO0pdFJ2EYHfmfW3Rlf6xwCzSBHZtdX8ewR1dw28SCJDlq/um
vRArMdG+s3OoLQ04GHRm+shom+X3KuhRf/NjZsF//we6XIpgxWv686HaVXPNa0Ys
6TomDIDM1N0o5l0mQ1799P2+/9t+hxUoGUcUIOUadn4QHtuGFONe266qYiguhuFj
sDVsi7R6jK4VodTA2HznKrdUZf1WqE2bw5zLSi7AOuoSu85jDfN+uPRTD/Q3fw3a
4vYiyKSYijvHYlS0mi/mtuCMBIgUXHRKYT4SkR7W6SQlwy10QiRZUGxofnzUicO1
eUDTNa1/pEecci7RXJ3C54aih0nrUZI5mQZdaFBBX1D7h3DAnTHKcnqzeQ0u/Wun
3Gf4MfVVYOfn9yyYmr7Q
=bdyD
-----END PGP SIGNATURE-----

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org

Reply via email to