Slashdot Mirror

← Back to Stories (view on slashdot.org)

Apache Tomcat Source Disclosure Hole

Posted by michael on Tuesday September 24, 2002 @05:13AM from the now-slightly-more-patchy dept.

joe writes "Apache has released a security warning in its popular server Tomcat. This security hole allows non authenticated users to retrieve source code of web applications on the server."

1 of 14 comments (clear)

Min score:

Reason:

Sort:

Hmmmm. by Gaijin42 · 2002-09-24 07:13 · Score: 5, Insightful

I think its very interesting that this article is posted on the Apache subsite, when Slashdot is touted as the source for Open Source news. This is the type of thing you would want to get out to as many users as possible so they can all get patched (Isn't that the advantage to Open Source? You can patch it? Or have someone smarter than you patch it for you?)

Meanwhile, every obscure, really difficult to implement, not really dangerous IIS flaw makes it to the frontpage, so we can have 500 comments of MS sucks, use open source, it can be patched faster!

No wonder the views are so lopsided. Massive exposure to every MS bug. Hide every open source bug.

Bring on the moderation. Its not that big of a deal...