tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Richard Wooding" <rich...@camara.co.za>
Subject Re: Tomcat security issue
Date Wed, 18 Oct 2000 08:24:28 GMT
check your apache configuration

----- Original Message ----- 
From: "Cheong Takhoe" <Takhoe@apiit.edu.my>
To: <tomcat-user@jakarta.apache.org>
Sent: Wednesday, October 18, 2000 7:34 AM
Subject: Tomcat security issue


Hi,

I discovered that Tomcat has a security problem with regards to the way it
works with the handlers.

if you have a file x.jsp
when you access it through the web browser, http://<hostname>/x.jsp\
with the \ there,

it opens up the source code....
HMMMMMmmmm...

I don't know whether this is similar on a non-NT platform. 
any ideas about this? solutions?

regards,
Cheong Takhoe


Mime
View raw message