to be informed, isn't it ?)
From: André Warnier [a...@ice-sa.com]
Sent: Thursday, June 25, 2015 8:32 AM
To: Tomcat Users List
Subject: Re: [External] Re: CVE-2014-7810 Mitigation
Lynch, Charles [USA] wrote:
You are saying a malicious actor would need
You are saying a malicious actor would need to be on the server itself to load
an application?
From: André Warnier [a...@ice-sa.com]
Sent: Thursday, June 25, 2015 7:55 AM
To: Tomcat Users List
Subject: [External] Re: CVE-2014-7810 Mitigation
Lynch, Charles [USA]
] Re: CVE-2014-7810 Mitigation
Lynch, Charles [USA] wrote:
You are saying a malicious actor would need to be on the server itself to
load an application?
Basically yes, or be allowed to load and deploy applications via the Manager
application
(which is either not installed, or anyway secured
Lynch, Charles [USA] wrote:
You are saying a malicious actor would need to be on the server itself to load
an application?
Basically yes, or be allowed to load and deploy applications via the Manager application
(which is either not installed, or anyway secured by default)
It is fairly
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
André,
On 6/25/15 8:32 AM, André Warnier wrote:
Lynch, Charles [USA] wrote:
You are saying a malicious actor would need to be on the server
itself to load an application?
Basically yes, or be allowed to load and deploy applications via
the