[22151] in bugtraq


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

Question: Tomcat 3.2.1 dir. traversal vuln.

daemon@ATHENA.MIT.EDU (Gustav Jansen)
Wed Aug 8 11:26:02 2001

Date: Wed, 8 Aug 2001 12:57:29 +0200 (CEST)
From: Gustav Jansen <gustav.jansen@lincom.no>
Reply-To: Gustav Jansen <gustav.jansen@lincom.no>
To: <bugtraq@securityfocus.com>
Message-ID: <Pine.LNX.4.33.0108081249390.3408-100000@umbriel.lincom.no>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII

Is this system only vulnerable if you use Tomcat as a web-server?
I run apache-1.3.19 as a web-server on a Linux kernel 2.4.2. Apache uses
mod_jk to forward pages to the tomcat-3.2.1 server. None of the exploits
described on http://www.securityfocus.com/bid/2518 worked on this system.

--
regards

Gustav Jansen
1AB5 1DD3 4412 9F03 1A4D  9C64 4763 DD26 62DA 54BF


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

[22151] in bugtraq

Question: Tomcat 3.2.1 dir. traversal vuln.

daemon@ATHENA.MIT.EDU (Gustav Jansen)Wed Aug 8 11:26:02 2001

daemon@ATHENA.MIT.EDU (Gustav Jansen)
Wed Aug 8 11:26:02 2001