On Tue, 24 Sep 2002 10:12:44 -0400 Rossen Raykov <Rossen.Raykov@CognicaseUSA.com> wrote: > Tomcat 4.x JSP source exposure security advisory > > 1. Summary > Tomcat 4.0.4 and 4.1.10 (probably all other earlier versions also) are > vulnerable to source code exposure by using the default servlet > org.apache.catalina.servlets.DefaultServlet. 3.2.x versions doesn't seem to be vulnerable to this, but indeed the 4.1.x versions are. -- Information is bliss! give it a try!
