troubleshooting Question

PCI Compliance Vulnerability

Avatar of akgautham
akgautham asked on
Apache Web ServerJava App Servers
2 Comments2 Solutions657 ViewsLast Modified:
The remote host is running a vulnerable version of Apache tomcat. A RequestDispatcher API is vulnerable to a directory traversal attack, This could allow an attacker to view files outside of the web application's root.

CVE-2008-5515

Remediation Action: Upgrade to versions 6.0.20/4.1.SVN or later or apply the pactches referenced in the vendor advisory.

Threat: Med

Service:
tcp/80-Apache-Coyote/1.1


What is the solution for this?
ASKER CERTIFIED SOLUTION
Join our community to see this answer!
Unlock 2 Answers and 2 Comments.
Start Free Trial
Learn from the best

Network and collaborate with thousands of CTOs, CISOs, and IT Pros rooting for you and your success.

Andrew Hancock - VMware vExpert
See if this solution works for you by signing up for a 7 day free trial.
Unlock 2 Answers and 2 Comments.
Try for 7 days

”The time we save is the biggest benefit of E-E to our team. What could take multiple guys 2 hours or more each to find is accessed in around 15 minutes on Experts Exchange.

-Mike Kapnisakis, Warner Bros