> 3.2 Workaround:
> There are at least two ways to protect from this vulnerability.
> A. Tomcat in tandem with HTTP server front-end:
> If you are using front-end HTTP server you can filter all
> requests with the pattern */servlet/org.apache.catalina.servlets.DefaultServlet*
> b. If you are using mod_jk to connect tomcat to your front-end server
> map to Tomcat only the URLs that are part of your application but
> not all requests. See the usage of JkMount directive.

Anyone can post an example of how either A or B can be done? Does it matter which method is used?

-- carrie s.
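
An added example, not part of the original message or the advisory: an Apache httpd front-end configuration sketching both quoted workarounds. The worker name `worker1`, the context path `/myapp` and the `/myapp/orders/*` mapping are assumptions standing in for a real deployment.

```apache
# Workaround A: refuse any request whose path contains the DefaultServlet
# invoker pattern quoted in the advisory, so it is never handed to Tomcat.
<LocationMatch "/servlet/org\.apache\.catalina\.servlets\.DefaultServlet">
    # Apache httpd 2.4 syntax; on 2.2 and earlier use
    # "Order allow,deny" followed by "Deny from all" instead.
    Require all denied
</LocationMatch>

# Workaround B: forward only the application's own URLs to Tomcat.
# "worker1" and "/myapp" are placeholder names (assumptions).

# Weak: every request, including /servlet/* invoker paths, reaches Tomcat.
# JkMount /* worker1

# Narrower: only the URLs the application actually serves are mapped.
JkMount /myapp/*.jsp    worker1
JkMount /myapp/orders/* worker1
```

With the narrower `JkMount` lines, anything under `/myapp` that is not mapped (images, stylesheets) has to be served by httpd itself, and a request for the invoker path is answered by httpd rather than forwarded.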
