I just downloaded and installed Tomcat 3.2.4 and the problem in on this version too.
I think that if you a 404 error page defined, this problem doesn't happen. Anyway, I think it's a vulnerability. On Mon Dec 3 11:16:34 2001, "Renato" <[EMAIL PROTECTED]> escreveu : > Hi all, > > Recently I saw in the vuln-dev list a directory > listing vulnerability in Tomcat 3.2.3. It's simple, > just call the URL: > > http://yousite/%3f.jsp > > Is it fixed in Tomcat 3.2.4 ? > > Thanks > > > > -- > To unsubscribe: <mailto:[EMAIL PROTECTED]> > For additional commands: <mailto:[EMAIL PROTECTED]> > Troubles with the list: <mailto:[EMAIL PROTECTED]> > > > > -- To unsubscribe: <mailto:[EMAIL PROTECTED]> For additional commands: <mailto:[EMAIL PROTECTED]> Troubles with the list: <mailto:[EMAIL PROTECTED]>