tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Gao, Frank" <frank....@siemens.com>
Subject RE: Tomcat Web Server "ServerTokenNotSet" Vulnerability
Date Fri, 10 Jun 2005 18:51:11 GMT
 
What the server parameter value should be in order to pass the security
scan?
-----Original Message-----
From: Mark Thomas [mailto:markt@apache.org] 
Sent: Friday, June 10, 2005 2:14 PM
To: Tomcat Users List
Subject: Re: Tomcat Web Server "ServerTokenNotSet" Vulnerability

Try setting the server parameter on the connector. See 
http://jakarta.apache.org/tomcat/tomcat-5.5-doc/config/http.html

Mark

Gao, Frank wrote:
> Hi,
> I have a Tomcat 5.5.7 standalone webserver running on my machine,
recently
> I got a security scan warning of "ApacheServerTokenNotSet".
>  
> Does anyone know how to configure the Tomcat 5.5.7 to pass this security
> scan?  I know there is a 'ServerTokens' directive for Apache Web 
> Server that I can use to limit the information giving out. But I cann't
find
> anything similar on Tomcat Web Server.
> 
> Anyone has any idea about this?
> 
> Thanks,
> 
> Frank 
>  
> 


---------------------------------------------------------------------
To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: tomcat-user-help@jakarta.apache.org

---------------------------------------------------------------------
To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: tomcat-user-help@jakarta.apache.org


Mime
View raw message