Apache Tomcat Web Root Path Disclosure Vulnerability

Hello, One of our customers running Apache Tomcat version 4.1.29 ran some type of a vulnerability scanner which detected an "Apache Tomcat Web Root Path Disclosure Vulnerability". Did some research on the net and many sites mentioned that this vulnerability only affected 4.0.3.

Re: Apache Tomcat Web Root Path Disclosure Vulnerability

can't we just catch this exception and return a customised error page! I have not tried this has anyone else tried this or something else? -- To unsubscribe, e-mail: For additional commands, e-mail:

Apache Tomcat Web Root Path Disclosure Vulnerability

is there a way to solve this problem : A vulnerability has been reported for Apache Tomcat 4.0.3 on a Microsoft Windows platform. Reportedly, it is possible for a remote attacker to make requests that will result in Apache Tomcat returning an error page containing information that includes the a