Showing results for 
Search instead for 
Did you mean: 
Level 7

Apache Tomcat functions.jsp XSS

The following vulnerability is being flagged on a few servers configured with iLO:  OpenSSL SSL/TLS Man-In-The-Middle Injection Attack. (CVE-2014-0224 - Vul ID 16684) I have updated the iLO firmware and OpenSSL SSL/TLS Man-In-The-Middle Injection Attack goes away. Now Apache Tomcat functions.jsp XSS  (CVE-2005-4838) is being detected on that server! I don't have Tomcat installed.  I have the lastest firmware and software for iLO installed and this will not go away. Anyone have any ideas/suggestions? Servers are HP Proliant DL385p Gen8 running Server 2008 R2 Standard

0 Kudos
1 Reply
Level 21

Re: Apache Tomcat functions.jsp XSS

I moved this to Vulnerability Manager (Foundstone) as I think it's a better spot, than Security Awareness, to get a response.




0 Kudos