[27176] in bugtraq
Re: JSP source code exposure in Tomcat 4.x
daemon@ATHENA.MIT.EDU (Marcin Jackowski)
Tue Sep 24 17:03:13 2002
Date: Tue, 24 Sep 2002 21:30:17 +0200 (CEST)
From: Marcin Jackowski <master@px.pl>
To: bugtraq@securityfocus.com
In-Reply-To: <B978FD4A99D0BB449E96C502B7E3993B64390E@MAIL>
Message-ID: <Pine.LNX.4.21.0209242123300.29513-100000@px.pl>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
[...]
>
> 3.2 Workaround:
[...]
Quicker (brute) method - remove completely
$TOMCAT_HOME/server/lib/servlets-default.jar.
The server complains but applications seem to work correctly
(unless you're using it).
Stated for Tomcat version 4.0.1, 4.0.4 and 4.1.10.
Marcin Jackowski
