Tomcat is 6.0.18 JVM is 1.5.0_12-b04 Windows Server 2003 We got the latest patches from Microsoft regarding some similar security breaches.
On Thu, Jan 22, 2009 at 10:30 AM, Brian Clark <brianclar...@yahoo.com> wrote: > What version of Tomcat are you using? > What version of the JVM? > What version of Windows? > Are you up to date on your Windows patches? > > > > > ________________________________ > From: Toby Kurien <tobyis7...@gmail.com> > To: users@tomcat.apache.org > Sent: Thursday, January 22, 2009 9:16:46 AM > Subject: SECURITY breach in Tomcat > > Hi, > I have a webapp for my company that has been running for several > years. Recently, we got infected by a trojan or virus and this has > been causing a lot of abnormal behavior. The trojan creates user > accounts in Windows and also creates web applications like safee.war > and zhu.war into the webapps folder of Tomcat and also shuts down > Tomcat. The trojan webapps have jsp and exe files which try to modify, > copy and delete files in the system and also try to access the > database. Symantec and Norton have not been able to rectify or detect > much. > I am totally at loss on what's going on and how to tighten or rectify > this. Anyone with any ideas is highly appreciated. > > Thanks, > -Toby > > --------------------------------------------------------------------- > To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org > For additional commands, e-mail: users-h...@tomcat.apache.org > > > --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
