, 2005 7:42 PM
To: Tomcat Users List
Subject: Re: CERT Vulnerability Note VU#204710 on Tomcat 3.x
This vulnerability note has to be amongst the most vague and
least informative I've ever seen. It says that Tomcat 3.x
and AJP12 has an issue and that the issue is not present in Tomcat 5.
What
-Original Message-
From: Jess Holle [mailto:[EMAIL PROTECTED]
Sent: Monday, March 21, 2005 7:42 PM
To: Tomcat Users List
Subject: Re: CERT Vulnerability Note VU#204710 on Tomcat 3.x
This vulnerability note has to be amongst the most vague and
least informative I've ever seen. It says
This vulnerability note has to be amongst the most vague and least
informative I've ever seen. It says that Tomcat 3.x and AJP12 has an
issue and that the issue is not present in Tomcat 5.
What about Tomcat 4 and 4.1? What about AJP13? The report simply does
not address any of these
Jess Holle [EMAIL PROTECTED] wrote in message
news:[EMAIL PROTECTED]
This vulnerability note has to be amongst the most vague and least
informative I've ever seen. It says that Tomcat 3.x and AJP12 has an
issue and that the issue is not present in Tomcat 5.
What about Tomcat 4 and 4.1?
Bill Barker wrote:
Jess Holle [EMAIL PROTECTED] wrote in message
news:[EMAIL PROTECTED]
This vulnerability note has to be amongst the most vague and least
informative I've ever seen. It says that Tomcat 3.x and AJP12 has an
issue and that the issue is not present in Tomcat 5.
What about