I tried to replicate the vulnerability on my site, but I couldn't really traverse the directory tree in the way they've indicated, so I can't really confirm whether there's a vulnerability or not.
-Rashmi On 4/10/07, Laura McCord <[EMAIL PROTECTED]> wrote:
However, we do have another installation on a different server that an administrator uses to upload/modify existing web applications. This installation in particular only uses the tomcat standalone. So, I am figuring this tomcat server needs to be upgraded and any other server that makes the tomcat manager accessible. Thanks, Laura
--------------------------------------------------------------------- To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
