Symptom
- The default version of Tomcat (5.5.20) is vulnerable to a “man in the middle” attack via SSL/TLS renegotiation
- Vulnerability in SSL & TLS Protocols (CVE-2009-3555)
GET /InfoViewApp/listing/home.do HTTP/1.0
R
RENEGOTIATING
depth=0
/C=EN/ST=LONDON/L=LONDON/O=INDRA/OU=SGTI/CN=prodrepository.domain.com
verify error:num=18:self signed certificate
verify return:1
depth=0
/C=EN/ST=LONDON/L=LONDON/O=INDRA/OU=SGTI/CN=prodrepository.domain.com
verify return:1
…
<html>
<body>
<form action="../../PlatformServices/service/app/logoff.do" method='post'>
<input type='hidden' name="cms" value="BOE-CMS:6400">
<input type='hidden' name="message" value="common.error.no.valid.session">
<input type='hidden' name="loc" value="es">
<input type='hidden' name="appKind" value="InfoView">
...
Environment
- SAP BusinessObjects XI 3.1
- SAP BusinessObjects XI 3.1 SP3
- SAP BusinessObjects XI 3.1 SP4
- Tomcat 5.5.20
Keywords
KBA, BI-BIP-DEP, Webapp Deployment, Networking, Vulnerabilities, Webservices, BI-BIP-DEP-TOM, Obsolete, use: BI-BIP-DEP, How To
About this page
This is a preview of a SAP Knowledge Base Article.