AnsweredAssumed Answered

QID 86789 - On AWS

Question asked by vmjunior on Aug 18, 2014



I use QualysGuard PCI to scan IPs on AWS but the result isn't compliance because QID 86789 (CVE-2005-2090) - Apache Tomcat Multiple Content Length Headers Information Disclosure Vulnerability, but my hosts isn't running Apache Tomcat only Jboss. I thought the problem was in the ELB and open a ticket on AWS Suport, so they said ELB isn't vulnerable.


In my opinion its a false positive, but i'm not sure.


Someone had a similar problem about this QID.