受影响版本: - - Apache Tomcat 8.0.0-RC1 to 8.0.15 - - Apache Tomcat 7.0.0 to 7.0.57 - - Apache Tomcat 6.0.0 to 6.0.43
漏洞说明: 恶意的 Web 应用可通过使用表达式语言来绕过 Tomcat 安全管理器的保护,该问题主要是安装一些不受信任的应用程序。
处理方法: - - Upgrade to Apache Tomcat 8.0.17 or later (8.0.16 has the fix but was not released) - - Upgrade to Apache Tomcat 7.0.59 or later (7.0.58 has the fix but was not released) - - Upgrade to Apache Tomcat 6.0.44 or laterApache Tomcat Security Manager绕过漏洞(CVE-2014-7810) http://www.linuxidc.com/Linux/2015-05/117604.htmRedHat Linux 5.5安装JDK+Tomcat并部署Java项目 http://www.linuxidc.com/Linux/2015-02/113528.htmTomcat权威指南(第二版)(中英高清PDF版+带书签) http://www.linuxidc.com/Linux/2015-02/113062.htmTomcat 安全配置与性能优化 http://www.linuxidc.com/Linux/2015-02/113060.htmLinux下使用Xshell查看Tomcat实时日志中文乱码解决方案 http://www.linuxidc.com/Linux/2015-01/112395.htmCentOS 64-bit下安装JDK和Tomcat并设置Tomcat开机启动操作步骤 http://www.linuxidc.com/Linux/2015-01/111485.htmCentOS 6.5下安装Tomcat http://www.linuxidc.com/Linux/2015-01/111415.htmTomcat 的详细介绍:请点这里 Tomcat 的下载地址:请点这里
易网时代-编程资源站