https://issues.apache.org/bugzilla/show_bug.cgi?id=45059
Summary: http://www.servername.com/WEB-INF./web.xml
Product: Tomcat 5
Version: Unknown
Platform: PC
OS/Version: Windows XP
Status: NEW
Severity: normal
Priority: P2
Component: Unknown
AssignedTo: [EMAIL PROTECTED]
ReportedBy: [EMAIL PROTECTED]
We are working over a problem in the embedded tomcat server which leading us to
security compliance.
The Resources defined in the deployment descriptor are been display in the
following
http://www.servername.com/WEB-INF./web.xml
We tried to block the this request, but we are not able to restrict the request
to display the xml content of web.xml.
I hope someone might have seen similar vunerability to the web server. Please
advice on this issues. we are using Apache Tomcat 5.5.9 & 5.5.20 also.
We have tried on the context setting and other settings of the server.
Thanks in Advance,
Srinivas
--
Configure bugmail: https://issues.apache.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
