Re: TC3.2.x and security problems

ying 127.0.0.1... Connected to localhost. Escape character is '^]'. GET /%252e%252e/%252e%252e/%00.jsp HTTP/1.0 200 OK Content-Type: text/html;charset=ISO-8859-1 Servlet-Engine: Tomcat Web Server/3.2.2 beta 2 (JSP 1.1; Servlet 2.2; Java 1.3.0; Linux 2.4.2 i386; java.vendor=Caldera Systems I

Re: FW: Tomcat may reveal script source code by URL trickery 2

at code explain the problem in more detail? I'm still new to Tomcat, so a pointer to the relevant parts of the source would be very much appreciated. Thanks -- Stephan Seyboth - Developer Caldera (Deutschland) GmbH http://www.caldera.de/

[PATCH] Tomcat 3.2 shutdown

crude fix for 3.2.2 along the lines of what went into 3.3. It does change the shutdown behaviour, but here's the patch anyway in case it's useful for anyone. -- Stephan Seyboth - Developer Caldera (Deutschland) GmbH http://www.caldera.de/ ? jakarta-tomcat-3.2.2-shutdown.patch Index: src