|
|
Log in / Subscribe / Register

tomcat: privilege escalation

Package(s):tomcat CVE #(s):CVE-2016-1240
Created:September 15, 2016 Updated:September 21, 2016
Description: From the Debian-LTS advisory:

Dawid Golunski from legalhackers.com discovered that Debian's version of Tomcat 6 was vulnerable to a local privilege escalation. Local attackers who have gained access to the server in the context of the tomcat6 user through a vulnerability in a web application were able to replace the file with a symlink to an arbitrary file.

Alerts:
Ubuntu USN-3081-1 tomcat6, tomcat7, tomcat8 2016-09-19
Debian DSA-3670-1 tomcat8 2016-09-15
Debian DSA-3669-1 tomcat7 2016-09-15
Debian-LTS DLA-623-1 tomcat7 2016-09-15
Debian-LTS DLA-622-1 tomcat6 2016-09-15
to post comments


Copyright © 2026, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds