, 28. Februar 2001 17:59
An: [EMAIL PROTECTED]; [EMAIL PROTECTED]
Betreff: RE: [Security Issue] Sessions are visible across multiple
clients
Probably partially resolved by the patch I forward previously.
From M. Frey
La prise de conscience de votre propre ignorance est un grand pas vers la
Hi Thomas! I'll try to answer from my limited knowledge (couple of months
reading the list):
"Amrhein, Thomas" wrote:
By the way I'm a bit confused about the different
tomcat trees (3.2/3.3/4.0).
There are no more 3.2 nightly builds but 3.2.2beta-release...
Right now there are three
, 2001 5:59 PM
To: [EMAIL PROTECTED]; [EMAIL PROTECTED]
Subject: [Security Issue] Sessions are visible across multiple clients
Hi all,
one session can be visible on multiple clients!!
THIS IS A BIG SECURITY PROBLEM!
Someone opens his webbrowser and has the session of somebody else.
So critical
Henri" [EMAIL PROTECTED]
To: [EMAIL PROTECTED]; [EMAIL PROTECTED]
Sent: Wednesday, February 28, 2001 8:59 AM
Subject: RE: [Security Issue] Sessions are visible across multiple clients
Probably partially resolved by the patch I forward previously.
From M. Frey
La prise de conscienc
Hi all,
one session can be visible on multiple clients!!
THIS IS A BIG SECURITY PROBLEM!
Someone opens his webbrowser and has the session of somebody else.
So critical data could be viewed without permission.
Somebody can act as somebody else.
What's wrong with tomcat's session-handling?
I