This week's book giveaway is in the OCAJP 8 forum. We're giving away four copies of OCA Java SE 8 Programmer I Study Guide and have Edward Finegan & Robert Liguori on-line! See this thread for details.
It has been observed that the Tomcat 4.x release was prone to HTTP Response Splitting attack through CRLF injection. I have been studying various security vulnerabilities for a while. Also i am working on developing countermeasures for such vulnerablities.
Now i like to know, whether Tomcat 6.0.2 release has fix for the CRLF injection. I have tried to implement the CRLF injection attack against Tomcat 6.0.2 but i was not successful.