We had an internal security scan run in our intranet and Norton reported this vulnerablity in Tomcat installed on JBoss. Any one else ran into this problem ? Any solutions to overcome this ?
----- The Apache HTTP server has an optional module mod_cookies that could allow a remote attacker to overflow an internal buffer in the Web server and execute arbitrary bytecode on the Web server. The mod_cookies module is compiled into the Web server, and is not installed by default in any versions of Apache. Apache HTTP servers up to v1.1.1 may be vulnerable to this overflow, if this module has been compiled into the server. View the original post : http://www.jboss.org/index.html?module=bb&op=viewtopic&p=3872668#3872668 Reply to the post : http://www.jboss.org/index.html?module=bb&op=posting&mode=reply&p=3872668 ------------------------------------------------------- SF email is sponsored by - The IT Product Guide Read honest & candid reviews on hundreds of IT Products from real users. Discover which products truly live up to the hype. Start reading now. http://ads.osdn.com/?ad_id=6595&alloc_id=14396&op=click _______________________________________________ JBoss-user mailing list JBoss-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/jboss-user