You are viewing a plain text version of this content. The canonical link for it is here.

Posted to users@tomcat.apache.org by Jo Pfeffer <Jo...@hyro.com> on 2006/02/10 07:14:39 UTC

Tomcat Security Vulnerabilities

Hi.

Just wanting to know if anyone can tell me in which version of Tomcat
the bug was fixed that allows you to enter in a URL like
http://domain.com/%3f.jsp and get a directory listing. I know it exists
in 3.2, just wondering which version it was fixed in.

Thanks,
Jo.

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org

Re: Tomcat Security Vulnerabilities

Posted by Markus Schönhaber <ma...@schoenhaber.de>.

Jo Pfeffer wrote:
> Just wanting to know if anyone can tell me in which version of Tomcat
> the bug was fixed that allows you to enter in a URL like
> http://domain.com/%3f.jsp and get a directory listing. I know it exists
> in 3.2, just wondering which version it was fixed in.

http://issues.apache.org/bugzilla/show_bug.cgi?id=5261

Regards
  mks

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org