Family: Gentoo Local Security Checks --> Category: infos
[GLSA-200408-15] Tomcat: Insecure installation Vulnerability Scan
Vulnerability Scan Summary Tomcat: Insecure installation
Detailed Explanation for this Vulnerability Test
The remote host is affected by the vulnerability described in GLSA-200408-15
(Tomcat: Insecure installation)
The Gentoo ebuild for Tomcat sets the ownership of the Tomcat init scripts
to tomcat:tomcat, but those scripts are executed with root rights when
the system is started. This may allow a member of the tomcat group to run
arbitrary code with root rights when the Tomcat init scripts are run.
Impact
This could lead to a local privilege escalation or root compromise by
authenticated users.
Workaround
Users may change the ownership of /etc/init.d/tomcat* and
/etc/conf.d/tomcat* to be root:root:
# chown -R root:root /etc/init.d/tomcat*
# chown -R root:root /etc/conf.d/tomcat*
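An added audit script (not part of the advisory, the Gentoo ebuild, or the scanner) that checks the two directories named above for the condition this GLSA describes, a boot-time script not owned by root, and for the related case of a root-owned script that is group- or world-writable; the script filename in the usage comment is hypothetical.

```shell
#!/bin/sh
# Audit boot-time script directories (e.g. /etc/init.d, /etc/conf.d) for
# files a non-root user could modify before root executes them at boot:
# the GLSA-200408-15 condition (tomcat:tomcat ownership) plus the related
# case of a root-owned file that is group- or world-writable.
# Each check prints one offending path per line and nothing when clean.

# Files inside DIR not owned by root (symlinks are not followed).
audit_non_root_owned() {
    find "$1" -type f ! -user root 2>/dev/null | sort
}

# Files inside DIR writable by group or others: even with root ownership,
# any member of the group (or anyone) could edit what root runs at boot.
audit_group_world_writable() {
    find "$1" -type f \( -perm -g+w -o -perm -o+w \) 2>/dev/null | sort
}

# audit_dir DIR: run both checks and label each finding.
# Returns 0 when clean, 1 when anything was found, so it can gate a
# cron job or a post-emerge hook.
audit_dir() {
    findings=$( {
        audit_non_root_owned "$1" | sed 's|^|NOT ROOT-OWNED: |'
        audit_group_world_writable "$1" | sed 's|^|GROUP/WORLD WRITABLE: |'
    } )
    [ -z "$findings" ] && return 0
    printf '%s\n' "$findings"
    return 1
}

# Stand-alone use (hypothetical filename):
#   sh audit-init-scripts.sh /etc/init.d /etc/conf.d
# Exit status is 1 if any of the given directories had findings.
if [ "$#" -gt 0 ]; then
    status=0
    for d in "$@"; do
        audit_dir "$d" || status=1
    done
    exit "$status"
fi
```

Run it after applying the chown workaround to confirm nothing under /etc/init.d or /etc/conf.d is still owned by tomcat or writable by the tomcat group.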
Solution:
All Tomcat users can upgrade to the latest stable version, or simply apply
the workaround:
# emerge sync
# emerge -pv ">=www-servers/tomcat-5.0.27-r3"
# emerge ">=www-servers/tomcat-5.0.27-r3"
Threat Level: Medium