"We strongly recommend to disable public access to /examples directory again."Reasons:
- Bypassing HttpOnly Cookies protection
- CSRF cookies manipulation
- Session manipulation
DOMINIK SYMONOWICZ's blogs - FOREVER HUNGRY of knowledge, sarcasm, smiling, music, dancing, and food ...lots of food. This IT blog is a collection of notes with a simple solution with an explanation, added documentation, sarcastic comment and weird example. I also write about a lesson learnt from my mistakes. A non-it blog can be found here: Dominik Symonowicz's non-IT blog and website
12 March 2013
Security tips: Delete Tomcat examples folder
According to this blog entry : Tomcat Servlet Examples threats on ONsec , where they recommend:
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment