I have multiple installations of Tomcat on various servers. One in particular is our portal server that does not have the tomcat manager accessible so it should be fine. However, we do have another installation on a different server that an administrator uses to upload/modify existing web applications. This installation in particular only uses the tomcat standalone. So, I am figuring this tomcat server needs to be upgraded and any other server that makes the tomcat manager accessible.
Thanks, Laura Rashmi Rubdi wrote: > You may want to double-check with the people who wrote the report, > just to be sure. > > I have a small site hosted on Tomcat 5.5.9 and I think the host > provider is using Apache connector --- my site often crashes and shuts > down and I sometimes see the directory structure. But it might not be > because of security vulnerability. I think it's probably because the > hosting provider shuts it down because it's very low cost. And its a > bit PITA to manually switch-off directory listing. Also even without > the vulnerability anyone can still access the manager app by using the > default URL, I should probably get it disabled. > > -Rashmi > > On 4/10/07, Laura McCord <[EMAIL PROTECTED]> wrote: >> So, since we are using Tomcat as a standalone then this would apply, >> right? >> >> Thanks, >> Laura > > --------------------------------------------------------------------- > To start a new topic, e-mail: users@tomcat.apache.org > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] --------------------------------------------------------------------- To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
