subject:"CVE\-2023\-24998 \: Apache Denial of Service"

RE: CVE-2023-24998 : Apache Denial of Service

2023-03-16 Thread S Abirami

Thanks Mark -Original Message- From: Mark Thomas Sent: Thursday, March 16, 2023 2:34 PM To: users@tomcat.apache.org Subject: Re: CVE-2023-24998 : Apache Denial of Service On 16/03/2023 05:33, S Abirami wrote: > Hi All, > > Currently, In our product we are using 9.0.6

Re: CVE-2023-24998 : Apache Denial of Service

2023-03-16 Thread Mark Thomas

On 16/03/2023 05:33, S Abirami wrote: Hi All, Currently, In our product we are using 9.0.65 version of Tomcat. We are not using FileUpload option in any of our application and in Servlet. We don't have any config to limit the file uploads also. Whether our attacker still able to perform a

CVE-2023-24998 : Apache Denial of Service

2023-03-15 Thread S Abirami

Hi All, Currently, In our product we are using 9.0.65 version of Tomcat. We are not using FileUpload option in any of our application and in Servlet. We don't have any config to limit the file uploads also. Whether our attacker still able to perform a malicious upload to our server via url.

CVE-2023-24998 : Apache Denial of Service

2023-03-15 Thread S Abirami

Hi All, Currently, In our product we are using 9.0.65 version of Tomcat. We are not using FileUpload option in any of our application and in Servlet. We don't have any config to limit the file uploads also. Whether our attacker still able to perform a malicious upload to our server via url.