Comments for Fitsec - Information Security Blog http://www.fitsec.com/en/blog Latest Information Security News Mon, 11 Jan 2010 21:32:12 +0000 http://wordpress.org/?v=2.9.1 hourly 1 Comment on Scans for Tomcat installations with weak passwords by admin http://www.fitsec.com/en/blog/?p=6&cpage=1#comment-1625 admin Mon, 11 Jan 2010 21:32:12 +0000 http://www.fitsec.com/en/blog/?p=6#comment-1625 Have you checked the logfiles? If you want I can take a look at them to see if there are additional installation vectors. Also if you have the uploaded .war or the installed filestructure (inside webapps) I'd love to take a look at them. Have you checked the logfiles? If you want I can take a look at them to see if there are additional installation vectors.
Also if you have the uploaded .war or the installed filestructure (inside webapps) I’d love to take a look at them.

]]> Comment on Scans for Tomcat installations with weak passwords by Victor Valdez http://www.fitsec.com/en/blog/?p=6&cpage=1#comment-1624 Victor Valdez Mon, 11 Jan 2010 21:26:25 +0000 http://www.fitsec.com/en/blog/?p=6#comment-1624 Hi! That's a useful post...this just happened to me. I think I have a "strong password" configured in my Tomcat Server, however I saw this Application installed. How come it got installed? My tomcat User's file looks sane however... Any comments? :) Thanks! Hi!

That’s a useful post…this just happened to me.

I think I have a “strong password” configured in my Tomcat Server, however I saw this Application installed.
How come it got installed?

My tomcat User’s file looks sane however…

Any comments? :)

Thanks!

]]>