CVE-2013-1976

2013-07-0917:55:00

CWE-59

[email protected]

web.nvd.nist.gov

cve-2013-1976

tomcat

rpm

jboss

red hat

symlink attack

local users

file ownership

6 Medium

AI Score

Confidence

Low

6.9 Medium

CVSS2

Access Vector

LOCAL

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:M/Au:N/C:C/I:C/A:C

0.0004 Low

EPSS

Percentile

5.2%

JSON

The (1) tomcat5, (2) tomcat6, and (3) tomcat7 init scripts, as used in the RPM distribution of Tomcat for JBoss Enterprise Web Server 1.0.2 and 2.0.0, and Red Hat Enterprise Linux 5 and 6, allow local users to change the ownership of arbitrary files via a symlink attack on (a) tomcat5-initd.log, (b) tomcat6-initd.log, © catalina.out, or (d) tomcat7-initd.log.

CPENameOperatorVersion
redhat:enterprise_linuxredhat enterprise linuxeq6.0
redhat:jboss_enterprise_web_serverredhat jboss enterprise web servereq1.0.2
redhat:enterprise_linuxredhat enterprise linuxeq5
redhat:jboss_enterprise_web_serverredhat jboss enterprise web servereq2.0.0

CPE	Name	Operator	Version
redhat:enterprise_linux	redhat enterprise linux	eq	6.0
redhat:jboss_enterprise_web_server	redhat jboss enterprise web server	eq	1.0.2
redhat:enterprise_linux	redhat enterprise linux	eq	5
redhat:jboss_enterprise_web_server	redhat jboss enterprise web server	eq	2.0.0