LWN.net Logo

Not logged in

Log in now

Create an account

Subscribe to LWN

Recent Features

Shumway lands in Firefox

LWN.net Weekly Edition for October 3, 2013

Integrity and embedded devices

NUMA scheduling progress

LWN.net Weekly Edition for September 26, 2013

Printable page
Weekly edition Kernel Security Distributions Contact Us Search
Archives Calendar Subscribe Write for LWN LWN.net FAQ Sponsors

tomcat: multiple vulnerabilities

Package(s):tomcat6 CVE #(s):CVE-2013-1976 CVE-2013-2051
Created:May 29, 2013 Updated:May 30, 2013
Description: From the Red Hat advisory:

A flaw was found in the way the tomcat6 init script handled the tomcat6-initd.log log file. A malicious web application deployed on Tomcat could use this flaw to perform a symbolic link attack to change the ownership of an arbitrary system file to that of the tomcat user, allowing them to escalate their privileges to root. (CVE-2013-1976)

Note: With this update, tomcat6-initd.log has been moved from /var/log/tomcat6/ to the /var/log/ directory.

It was found that the RHSA-2013:0623 update did not correctly fix CVE-2012-5887, a weakness in the Tomcat DIGEST authentication implementation. A remote attacker could use this flaw to perform replay attacks in some circumstances. Additionally, this problem also prevented users from being able to authenticate using DIGEST authentication. (CVE-2013-2051)

Alerts:
Red Hat RHSA-2013:0869-01 2013-05-28
Red Hat RHSA-2013:0870-01 2013-05-28
CentOS CESA-2013:0870 2013-05-28
Scientific Linux SL-tomc-20130528 2013-05-28
Scientific Linux SL-tomc-20130528 2013-05-28
CentOS CESA-2013:0869 2013-05-29
Oracle ELSA-2013-0869 2013-05-28
Oracle ELSA-2013-0870 2013-05-28
openSUSE openSUSE-SU-2013:1306-1 2013-08-07
openSUSE openSUSE-SU-2013:1307-1 2013-08-07
openSUSE openSUSE-SU-2013:1411-1 2013-09-08
(Log in to post comments)

Copyright © 2013, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds