Hmm; I looked at the following:
http://jakarta.apache.org/builds/jakarta-tomcat/release/v3.2.1/bin/jakarta-tomcat-3.2.1.tar.gz
http://jakarta.apache.org/builds/jakarta-tomcat/release/v3.2.1/bin/jakarta-tomcat-3.2.1.zip
and in both of these, the webapps folder contained four files,
[taz3] 6:54am webapps > ls
total 1247
1024 ROOT.war 7 admin.war 128 examples.war 88 test.war
I didn't look inside the .sea archives, nor did I see a webapps dir in the
servletapi tarballs. Are there any other tarballs to look at?
This *looks* like a false alarm. Ask him for an md5 of the tarball he
downloaded, as well as where he downloaded it from. You guys might want
to consider signing your releases at some point, too.
Brian
On Thu, 24 May 2001, Pier P. Fumagalli wrote:
> Here's what it seems they did with the exploit... Rerolling the binaries
> *balls of Tomcat putting a new index.htm...
>
> I'm downloading the supposedly wrong binary as we speak, but it's kinda slow
> from my 56kbps connection...
>
> Fuck shit...
>
> Pier
>
> ------ Forwarded Message
> From: "casper"<[EMAIL PROTECTED]>
> Reply-To: "casper"<[EMAIL PROTECTED]>
> Date: Thu, 24 May 2001 14:07:14 +0800
> To: "webmaster @ jakarta . apache . org" <[EMAIL PROTECTED]>
> Subject: question
>
> Hi
>
> I download tomcat3.2.1 version software but when i to set my file in the
> \webapps .I find one file and file name is index.htm and this file is from
> china.
> i send this file to you,pls to check your server is okay and i have check my
> server is no any hacker.
> I download file date is 2001/05/23.
> If it's right pls send mail to me.
>
> thanks
> Casper
>
>
> --------------------------------------------------------------------
> ??????·????? http://mail.kimo.com.tw
> < ? ? ? ?·? ? ? ? > http://www.kimo.com.tw
>
>
>
> ------ End of Forwarded Message
>
>
--
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
CollabNet | open source | do what's right | now hiring
