Sameer Acharya wrote:
Just a couple of questions on this.
1. I read your mail exchange and it seems that the OP has mentioned no Manager
app was installed, but your analysis indicates that the rogue app was uploaded
through manager app ?.
There were quite a few e-mails exchanged off list, main
detected by the firewall ?
-Sameer
--- On Sun, 8/10/08, Mark Thomas <[EMAIL PROTECTED]> wrote:
> From: Mark Thomas <[EMAIL PROTECTED]>
> Subject: Re: Possible virus uploaded to Tomcat 5.5.3 - SOLVED
> To: "Tomcat Users List"
> Date: Sunday, August 10, 2008, 1
On Sun, Aug 10, 2008 at 2:21 PM, Len Popp <[EMAIL PROTECTED]> wrote:
> I checked my server log and found that just this morning some computer
> in China tried to poke at the manager app on my server. So it seems
> that it wasn't an isolated incident, there's someone out there trying
> to exploit T
Thanks for figuring this out and posting the info.
I checked my server log and found that just this morning some computer
in China tried to poke at the manager app on my server. So it seems
that it wasn't an isolated incident, there's someone out there trying
to exploit Tomcat's manager app. Cavea
Folks,
Just a short note to let you know that Warren and I have been working this
off-list and have identified how this attack was launched.
I'd like to take this opportunity to publicly thank Warren for taking the
time to work with me on this when he had a lot more important things to do
th