Justin Erenkrantz at [EMAIL PROTECTED] wrote:
> On Tue, Aug 21, 2001 at 06:51:52PM -0000, [EMAIL PROTECTED] wrote:
>> craigmcc 01/08/21 11:51:52
>>
>> Modified: catalina/src/share/org/apache/catalina/core
>> StandardServer.java
>> Log:
>> Fix for a DoS attack against the shutdown port, that could cause an "out
>> of memory" exception by sending a continuous stream of characters. Now,
>> Tomcat will only listen for enough characters to match or not-match the
>> required password, then it shuts the port.
>
> Now I'll know exactly how long the shutdown password is. =-) -- justin
Good point... :(
Pier
