struts-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Sreekanth S. Nair" <sreekanth.n...@egovernments.org>
Subject Re: Steps Involved in counter measurement for security issues
Date Wed, 16 Oct 2013 10:37:15 GMT
One more doubt, does this security vulnerability is able to bring down the
server :-) ? If we authorize ourselves to apache, is it possible for struts
team to give us test case to check the vulnerability?

-- 
Thanks & Regards
Srikanth
Software Developer
--------------------------------
eGovernments Foundations
www.egovernments.org
Mob : 9980078913
--------------------------------


On Wed, Oct 16, 2013 at 3:34 PM, Sreekanth S. Nair <
sreekanth.nair@egovernments.org> wrote:

> Hi,
>     Thanks Lukazs,  but that's too much of task to compare rather i can
> migrate ;-). Thanks Antonios, i will refer those links.
>
>
>
> --
> Thanks & Regards
> sreekanth
> --------------------------------
>
>
> On Wed, Oct 16, 2013 at 3:25 PM, Antonios Gkogkakis <gkogkaka@tcd.ie>wrote:
>
>> Hi Sreekanth,
>>
>> Lukasz beat me!
>>
>> If you don't want to upgrade you should at least check the security
>> bulletins
>> http://struts.apache.org/release/2.2.x/docs/security-bulletins.html
>> http://struts.apache.org/release/2.3.x/docs/security-bulletins.html
>>
>> see which vulnerabilities affect you and follow the instructions to
>> resolve
>> them.
>>
>>
>>
>> On 16 October 2013 10:48, Sreekanth S. Nair <
>> sreekanth.nair@egovernments.org
>> > wrote:
>>
>> > Hi,
>> >     Due to time and other internal constraints, we are unable to upgrade
>> > strust2 to the latest version. So i would like to know if we use old
>> > strust2 distro (in my case : struts2-core-2.1.2), what are the counter
>> > measurement need to taken care?
>> >
>> > Regards
>> >
>>
>
>

Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message