OMEZ Henri" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>; <[EMAIL PROTECTED]>
Sent: Wednesday, February 28, 2001 8:59 AM
Subject: RE: [Security Issue] Sessions are visible across multiple clients
> Probably partially resolved by the patch I forward previously.
> From M.
Hi Thomas! I'll try to answer from my limited knowledge (couple of months
reading the list):
"Amrhein, Thomas" wrote:
> By the way I'm a bit confused about the different
> tomcat trees (3.2/3.3/4.0).
> There are no more 3.2 nightly builds but 3.2.2beta-release...
Right now there are three branc
esendet am: Mittwoch, 28. Februar 2001 17:59
An: [EMAIL PROTECTED]; [EMAIL PROTECTED]
Betreff: RE: [Security Issue] Sessions are visible across multiple
clients
Probably partially resolved by the patch I forward previously.
>From M. Frey
La prise de conscience de votre propre ignorance est un gran
t: Wednesday, February 28, 2001 5:59 PM
>To: [EMAIL PROTECTED]; [EMAIL PROTECTED]
>Subject: [Security Issue] Sessions are visible across multiple clients
>
>
>Hi all,
>
>one session can be visible on multiple clients!!
>
>THIS IS A BIG SECURITY PROBLEM!
>
>Someone opens h
Hi all,
one session can be visible on multiple clients!!
THIS IS A BIG SECURITY PROBLEM!
Someone opens his webbrowser and has the session of somebody else.
So critical data could be viewed without permission.
Somebody can act as somebody else.
What's wrong with tomcat's session-handling?
I wr