nambo.k...@oss.ntt.co.jp wrote:
> BTW I've found a typo in the security reports.
> http://tomcat.apache.org/security-5.html
> http://tomcat.apache.org/security-4.html
> low: Information disclosure CVE-2008-4308
> Bug 40711 may result in the disclosure of POSTed .
>
> 40711 -> 407
From: ma...@apache.org
Subject: Re: [SECURITY] CVE-2008-4308: Tomcat information disclosure
vulnerability
Date: Thu, 05 Mar 2009 12:45:10 +0100
> nambo.k...@oss.ntt.co.jp wrote:
> > Hi, Mark.
> >
> >> The unsupported Tomcat 3.x, 4.0.x and 5.0.x versions may be also affec
s mean Tomcat 5.0.x is not affected by this vulnerability?
I would assume so but haven't confirmed this as 5.0.x is unsupported.
Mark
>
> Advice, please.
> Kazu Nambo
>
>
> From: ma...@apache.org
> Subject: [SECURITY] CVE-2008-4308: Tomcat information disclosure v
Advice, please.
Kazu Nambo
From: ma...@apache.org
Subject: [SECURITY] CVE-2008-4308: Tomcat information disclosure vulnerability
Date: Wed, 25 Feb 2009 23:17:37 +
> -BEGIN PGP SIGNED MESSAGE-
> Hash: SHA1
>
> CVE-2008-4308: Tomcat information disclosure vulnerabilit
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
CVE-2008-4308: Tomcat information disclosure vulnerability
Severity: Low
Vendor:
The Apache Software Foundation
Versions Affected:
Tomcat 4.1.32 to 4.1.34
Tomcat 5.5.10 to 5.5.20
Tomcat 6.0.x is not affected
The unsupported Tomcat 3.x, 4.0.x and 5.0
