Re: exception-message header reveals path to document root in 404 response.

2014-01-11 Thread Mark Thomas
On 11/01/2014 00:02, Caldarale, Charles R wrote: From: August Kleimo [mailto:aug...@kleimo.com] Subject: exception-message header reveals path to document root in 404 response. I'm failing a PCI compliance scan because my Tomcat Version 7.0.20 server is revealing the path to the document

Re: exception-message header reveals path to document root in 404 response.

2014-01-11 Thread Howard W. Smith, Jr.
On Fri, Jan 10, 2014 at 7:02 PM, Caldarale, Charles R chuck.caldar...@unisys.com wrote: Here's Tomcat's standard 404 response: HTTP/1.1 404 Not Found Server: Apache-Coyote/1.1 Content-Type: text/html;charset=utf-8 Content-Length: 1027 Date: Fri, 10 Jan 2014 23:59:34 GMT Wow, when I saw

RE: exception-message header reveals path to document root in 404 response.

2014-01-11 Thread Caldarale, Charles R
From: Howard W. Smith, Jr. [mailto:smithh032...@gmail.com] Subject: Re: exception-message header reveals path to document root in 404 response. Wow, when I saw this last night, I shook my head and said to myself, Server: Apache-Coyote/1.1 this may be one of the reasons why my server/web

Re: exception-message header reveals path to document root in 404 response.

2014-01-11 Thread Christopher Schultz
August, On 1/10/14, 7:48 PM, August Kleimo wrote: Hi All, Thanks for all your replies. Turns out it was in fact Railo. I searched the Railo repo on GitHub and found a reference to that header. I was able to overwrite it with a blank string

Re: exception-message header reveals path to document root in 404 response.

2014-01-11 Thread Christopher Schultz
Chuck, On 1/11/14, 9:01 AM, Caldarale, Charles R wrote: From: Howard W. Smith, Jr. [mailto:smithh032...@gmail.com] Subject: Re: exception-message header reveals path to document root in 404 response. Wow, when I saw this last night, I shook

Re: exception-message header reveals path to document root in 404 response.

2014-01-11 Thread Howard W. Smith, Jr.
On Sat, Jan 11, 2014 at 9:01 AM, Caldarale, Charles R chuck.caldar...@unisys.com wrote: From: Howard W. Smith, Jr. [mailto:smithh032...@gmail.com] Subject: Re: exception-message header reveals path to document root in 404 response. Wow, when I saw this last night, I shook my head

“exception-message” header reveals path to document root in 404 response.

2014-01-10 Thread August Kleimo
I'm failing a PCI compliance scan because my Tomcat Version 7.0.20 server is revealing the path to the document web root in an exception-message header when a missing page is requested. Does anyone know of a way to get rid of this header from the response? Note: I'm running Railo 4.1.2 on top of

Re: “exception-message” header reveals path to document root in 404 response.

2014-01-10 Thread Mark Eggers
On 1/10/2014 3:28 PM, August Kleimo wrote: I'm failing a PCI compliance scan because my Tomcat Version 7.0.20 server is revealing the path to the document web root in an exception-message header when a missing page is requested. Does anyone know of a way to get rid of this header from the

RE: exception-message header reveals path to document root in 404 response.

2014-01-10 Thread Caldarale, Charles R
From: August Kleimo [mailto:aug...@kleimo.com] Subject: exception-message header reveals path to document root in 404 response. I'm failing a PCI compliance scan because my Tomcat Version 7.0.20 server is revealing the path to the document web root in an exception-message header when

Re: “exception-message” header reveals path to document root in 404 response.

2014-01-10 Thread August Kleimo
Thanks, Perhaps it's coming from Railo then. I'll investigate down that path. On Fri, Jan 10, 2014 at 3:56 PM, Mark Eggers its_toas...@yahoo.com wrote: On 1/10/2014 3:28 PM, August Kleimo wrote: I'm failing a PCI compliance scan because my Tomcat Version 7.0.20 server is revealing the path

Re: exception-message header reveals path to document root in 404 response.

2014-01-10 Thread Jordan Michaels
install and install a Railo war? Have you customized your install at all or added any custom configs? Warm Regards, Jordan Michaels On 01/10/2014 04:02 PM, Caldarale, Charles R wrote: From: August Kleimo [mailto:aug...@kleimo.com] Subject: exception-message header reveals path to document root in 404

Re: exception-message header reveals path to document root in 404 response.

2014-01-10 Thread Jordan Michaels
: August Kleimo [mailto:aug...@kleimo.com] Subject: exception-message header reveals path to document root in 404 response. I'm failing a PCI compliance scan because my Tomcat Version 7.0.20 server is revealing the path to the document web root in an exception-message header when a missing page

Re: exception-message header reveals path to document root in 404 response.

2014-01-10 Thread August Kleimo
, Jordan Michaels On 01/10/2014 04:02 PM, Caldarale, Charles R wrote: From: August Kleimo [mailto:aug...@kleimo.com] Subject: exception-message header reveals path to document root in 404 response. I'm failing a PCI compliance scan because my Tomcat Version 7.0.20 server is revealing the path

Re: exception-message header reveals path to document root in 404 response.

2014-01-10 Thread Jordan Michaels
(from a request for a .cfm file). It may help determine if Railo is involved or not. Warm Regards, Jordan Michaels On 01/10/2014 04:02 PM, Caldarale, Charles R wrote: From: August Kleimo [mailto:aug...@kleimo.com] Subject: exception-message header reveals path to document root in 404 response