tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Mark Thomas <ma...@apache.org>
Subject Re: Tomcat 6 and images
Date Tue, 09 Sep 2008 08:28:57 GMT
Mathias P.W Nilsson wrote:
> Can this be hacked? like http://localhost/files/../../somefile

No. There have been some recent vulnerabilities with particular
configurations in this area but these are fixed in the latest 5.5.x and
6.0.x releases.

Mark

---------------------------------------------------------------------
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org


Mime
View raw message