Aviator Java wrote: > Can anybody tell me whether Tomcat 6.0.2 is immune to Http Response Splitting > attack? Assuming this is CVE-2002-1567, yes, it is immune.
If so, can anybody help me to know how the security vulnerablity was fixed. http://tomcat.apache.org/security-4.html Mark --------------------------------------------------------------------- To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
