5 Aug 2022 23:37:22 James H. H. Lampert
<jam...@touchtonecorp.com.INVALID>:
Today is the first time I heard of such a thing as a "TCP timestamp
vulnerability." It seems a bit overblown to me, especially for a Tomcat
server running on an AS/400.
Can anybody share any insights about how this vulnerability relates to
Tomcat?
It doesn't.
This is a a network be stack/ OS issue.
The attacks I could find related to the issue were all information
disclosure style issue that could help target other attacks.
I'd make sure the OS was kept fully patched and not worry about this
issue.
Mark
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org