AnsweredAssumed Answered

QID 86789 - On AWS

Question asked by vmjunior on Aug 18, 2014

Hi,

 

I use QualysGuard PCI to scan IPs on AWS but the result isn't compliance because QID 86789 (CVE-2005-2090) - Apache Tomcat Multiple Content Length Headers Information Disclosure Vulnerability, but my hosts isn't running Apache Tomcat only Jboss. I thought the problem was in the ELB and open a ticket on AWS Suport, so they said ELB isn't vulnerable.

 

In my opinion its a false positive, but i'm not sure.

 

Someone had a similar problem about this QID.

 

Thanks.

Outcomes