Mark Thomas wrote:
Warren Bell wrote:
Mark Thomas wrote:
- What other webapps are installed on the Tomcat instance?
Several, they are all intranet apps that do not have any
download/upload capabilities and there is no possible sql injection
vulnerabilities either. And none of the apps execute any programs
local to the server.
Hmm. No real idea yet but a few more questions.
Is either the manager or the admin app installed?
No
If yes, how strong is the password and what realm are you using?
From your comments you aren't using WebDAV at all. Is this correct?
What is WebDA, some kind of anti-virus?
Are all the apps on Tomcat accessible to the kiosks?
Yes
Do you have any access logs from around the time the rogue pages were
installed?
Maybe, the server is down, I am traveling to it right now to see if and
how much damage this may have caused.
Cheers,
Mark
---------------------------------------------------------------------
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
--
Thanks,
Warren Bell
909-645-8864
[EMAIL PROTECTED]
---------------------------------------------------------------------
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
