Hi again, This is confusing me : I have one hole that I need to close.
I am getting a medium risk hole which I don't understand. I have a Tomcat 4.0.4 web server running on port 80. Nessus is telling me "Older versions of JServ are venerable to a cross site scripting attack using a request for a non-existent .jsp file. Upgrade to the latest version of JServ or, for preference use Tomcat, as JServ is no longer maintained" But I am using Tomcat - do I need to upgrade it further - or is this a false positive? Thanks in advance. Kevin - [EMAIL PROTECTED]: general discussions about Nessus. * To unsubscribe, send a mail to [EMAIL PROTECTED] with "unsubscribe nessus" in the body.
