CVE-2004-1452

2004-12-31T05:00:00
ID CVE-2004-1452
Type cve
Reporter cve@mitre.org
Modified 2017-07-11T01:31:00

Description

Tomcat before 5.0.27-r3 in Gentoo Linux sets the default permissions on the init scripts as tomcat:tomcat, but executes the scripts with root privileges, which could allow local users in the tomcat group to execute arbitrary commands as root by modifying the scripts.