What I'm saying is that the page that is displayed by default doesn't seem to be displaying any information of any value aside from the name and version of the Web server.
Jon ----- Original Message ----- From: "Ricky Leung" <[EMAIL PROTECTED]> To: "Tomcat Users List" <[EMAIL PROTECTED]> Sent: Wednesday, February 20, 2002 3:44 PM Subject: RE: Jakarta Tomcat Error Message Information Disclosure Vulnerability? > The link that you send already has the answer to the problem, just some > people might not implement it and therefore give it away how things are > organized/setup. > > -----Original Message----- > From: Jonathan Eric Miller [mailto:[EMAIL PROTECTED]] > Sent: Wednesday, February 20, 2002 4:34 PM > To: Tomcat User List > Subject: Jakarta Tomcat Error Message Information Disclosure > Vulnerability? > > > Does anyone know if this vulnerability still exists? It says that 4.0.1 > suffers from this vulnerability, but, I don't see anything out of the > ordinary when I try it on mine. > > http://online.securityfocus.com/cgi-bin/vulns-item.pl?section=info&id=3199 > > Jon > > > > -- > To unsubscribe: <mailto:[EMAIL PROTECTED]> > For additional commands: <mailto:[EMAIL PROTECTED]> > Troubles with the list: <mailto:[EMAIL PROTECTED]> > > > > -- > To unsubscribe: <mailto:[EMAIL PROTECTED]> > For additional commands: <mailto:[EMAIL PROTECTED]> > Troubles with the list: <mailto:[EMAIL PROTECTED]> > -- To unsubscribe: <mailto:[EMAIL PROTECTED]> For additional commands: <mailto:[EMAIL PROTECTED]> Troubles with the list: <mailto:[EMAIL PROTECTED]>
