You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@tomcat.apache.org by Jonathan Eric Miller <je...@uchicago.edu> on 2002/02/20 22:34:17 UTC
Jakarta Tomcat Error Message Information Disclosure Vulnerability?
Does anyone know if this vulnerability still exists? It says that 4.0.1
suffers from this vulnerability, but, I don't see anything out of the
ordinary when I try it on mine.
http://online.securityfocus.com/cgi-bin/vulns-item.pl?section=info&id=3199
Jon
--
To unsubscribe: <ma...@jakarta.apache.org>
For additional commands: <ma...@jakarta.apache.org>
Troubles with the list: <ma...@jakarta.apache.org>
Re: Jakarta Tomcat Error Message Information Disclosure Vulnerability?
Posted by Jonathan Eric Miller <je...@uchicago.edu>.
What I'm saying is that the page that is displayed by default doesn't seem
to be displaying any information of any value aside from the name and
version of the Web server.
Jon
----- Original Message -----
From: "Ricky Leung" <ri...@booksense.com>
To: "Tomcat Users List" <to...@jakarta.apache.org>
Sent: Wednesday, February 20, 2002 3:44 PM
Subject: RE: Jakarta Tomcat Error Message Information Disclosure
Vulnerability?
> The link that you send already has the answer to the problem, just some
> people might not implement it and therefore give it away how things are
> organized/setup.
>
> -----Original Message-----
> From: Jonathan Eric Miller [mailto:jemiller@uchicago.edu]
> Sent: Wednesday, February 20, 2002 4:34 PM
> To: Tomcat User List
> Subject: Jakarta Tomcat Error Message Information Disclosure
> Vulnerability?
>
>
> Does anyone know if this vulnerability still exists? It says that 4.0.1
> suffers from this vulnerability, but, I don't see anything out of the
> ordinary when I try it on mine.
>
> http://online.securityfocus.com/cgi-bin/vulns-item.pl?section=info&id=3199
>
> Jon
>
>
>
> --
> To unsubscribe: <ma...@jakarta.apache.org>
> For additional commands: <ma...@jakarta.apache.org>
> Troubles with the list: <ma...@jakarta.apache.org>
>
>
>
> --
> To unsubscribe: <ma...@jakarta.apache.org>
> For additional commands: <ma...@jakarta.apache.org>
> Troubles with the list: <ma...@jakarta.apache.org>
>
--
To unsubscribe: <ma...@jakarta.apache.org>
For additional commands: <ma...@jakarta.apache.org>
Troubles with the list: <ma...@jakarta.apache.org>
RE: Jakarta Tomcat Error Message Information Disclosure Vulnerability?
Posted by Ricky Leung <ri...@booksense.com>.
The link that you send already has the answer to the problem, just some
people might not implement it and therefore give it away how things are
organized/setup.
-----Original Message-----
From: Jonathan Eric Miller [mailto:jemiller@uchicago.edu]
Sent: Wednesday, February 20, 2002 4:34 PM
To: Tomcat User List
Subject: Jakarta Tomcat Error Message Information Disclosure
Vulnerability?
Does anyone know if this vulnerability still exists? It says that 4.0.1
suffers from this vulnerability, but, I don't see anything out of the
ordinary when I try it on mine.
http://online.securityfocus.com/cgi-bin/vulns-item.pl?section=info&id=3199
Jon
--
To unsubscribe: <ma...@jakarta.apache.org>
For additional commands: <ma...@jakarta.apache.org>
Troubles with the list: <ma...@jakarta.apache.org>
--
To unsubscribe: <ma...@jakarta.apache.org>
For additional commands: <ma...@jakarta.apache.org>
Troubles with the list: <ma...@jakarta.apache.org>