Re: [OT] Some one executing windows commands in Tomcat 4.1.18.

Kwok Peng Tuck Thu, 14 Aug 2003 16:37:59 -0700

It's in the intranet right ? Should be easy to track down :)

Antony paul wrote:

Hello,
   I have Tomcat standalone running on a local Intranet. The server is
windows 2000 SP2. Today while checking the access log files I found the
following lines
xx.xx.xx.xx - - [11/Aug/2003:09:47:38 5050] "GET /scripts/root.exe?/c+dir
HTTP/1.0" 404 716
xx.xx.xx.xx - - [11/Aug/2003:09:47:43 5050] "GET /MSADC/root.exe?/c+dir
HTTP/1.0" 404 710

What does this mean ? Is there any vulnerability in Tomcat or this
combination ?. I have uncommented the invoker servlet in web.xml. Is it
creating the problem ?.

regards
Antony Paul

---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Re: [OT] Some one executing windows commands in Tomcat 4.1.18.

Reply via email to