Hello Experts:
Most of our business is running Tomcat 7.x.xx or later. But, we have a business function of ours that is using Tomcat 5.0.xx. Unfortunately, this is causing a lot of issues in terms of vulnerability remediation. Apache Tomcat Servlet Host Manager Servlet Cross-Site Scripting Vulnerability Apache Tomcat Information Disclosure Vulnerability Apache Tomcat Accept-Language Cross-Site Scripting Vulnerability Apache Tomcat JavaDoc Spoofing Vulnerability Apache Tomcat 4, 5 and 6 Examples Web Application Multiple Cross-Site Scripting Vulnerabilities Apache Tomcat 4 and 5 Cross-Site Scripting Vulnerability in Calender Application in JSP Examples Apache Tomcat 5 Cross-Site Scripting in implicit-objects.jsp of "Examples" Application Apache Tomcat Multiple Content Length Headers Information Disclosure Vulnerability Apache Tomcat Multiple Cross-Site Scripting Vulnerabilities in Manager and Host Manager Web Applications Apache Tomcat 4 and 5 Multiple Cross-Site Scripting Vulnerabilities The above is what were are experiencing and we are running Crystal Report as well. Could someone please guide me in the most efficient way to upgrade? My thought process is 5.0.xx to 5.5 then migration to 6 or 7? We are running windows 2003. I’m not even sure if it will support it? I am unable to find any process documents or guidance on how to go about the upgrade process and which version could help us in vulnerability remediation. Could someone please help me? This is extremely time sensitive to our business needs. Cheers!
