Hi: How to fix this in JBOSS 3.2.5? This vulnerability affects the Win32 versions of multiple j2ee servlet containers / application servers. By making a particular request to the servers in question it is possible to retrieve files located under the 'WEB-INF' directory. For example: www.someserver.com/WEB-INF./web.xml or www.someserver.com/WEB-INF./classes/MyServlet.class
Thanks, Anand View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4061441#4061441 Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=4061441 _______________________________________________ jboss-user mailing list [email protected] https://lists.jboss.org/mailman/listinfo/jboss-user
