13 matches found
SUSE CVE-2016-5425
The Tomcat package on Red Hat Enterprise Linux (RHEL) 7, Fedora, CentOS, Oracle Linux, and possibly other Linux distributions uses weak permissions for /usr/lib/tmpfiles.d/tomcat.conf, which allows local users to gain root privileges by leveraging membership in the tomcat group...
Metasploit Weekly Wrap-Up
FortiNAC EITW Content Added: Whilst we did have a few cool new modules added this week, one particularly interesting one was a Fortinet FortiNAC vulnerability, CVE-2022-39952, that was added in by team member Jack Heysel. This module exploits an unauthenticated RCE in Fortinet FortiNAC versions...
Mageia: Security Advisory (MGASA-2016-0367)
The remote host is missing an update for the...
Fedora 25 : 1:tomcat (2016-38e5b05260) (httpoxy)
This update includes a rebase from tomcat 8.0.36 up to 8.0.38 which resolves multiple CVEs and a problem that 8.0.37 introduces to freeipa: - rhbz1375581 - CVE-2016-5388 Tomcat: CGI sets environmental variable based on user supplied Proxy request header - rhbz1390532 - CVE-2016-0762 CVE-2016-50...
Fedora 23 : 1:tomcat (2016-4094bd4ad6) (httpoxy)
This update includes a rebase from tomcat 8.0.36 up to 8.0.38 which resolves multiple CVEs and a problem that 8.0.37 introduces to freeipa: - rhbz1375581 - CVE-2016-5388 Tomcat: CGI sets environmental variable based on user supplied Proxy request header - rhbz1390532 - CVE-2016-0762 CVE-2016-50...
SOL61414056 - Apache Tomcat vulnerability CVE-2016-5425
Vulnerability Recommended Actions None Supplemental Information SOL9970: Subscribing to email notifications regarding F5 products SOL9957: Creating a custom RSS feed to view new and updated documents SOL4602: Overview of the F5 security vulnerability response policy SOL4918: Overview of the F5...
CVE-2016-5425
The Tomcat package on Red Hat Enterprise Linux (RHEL) 7, Fedora, CentOS, Oracle Linux, and possibly other Linux distributions uses weak permissions for /usr/lib/tmpfiles.d/tomcat.conf, which allows local users to gain root privileges by leveraging membership in the tomcat group...
CVE-2016-5425
CVE-2016-5425 describes a local privilege escalation in Tomcat packages on RHEL7, Fedora, CentOS, Oracle Linux, and similar distros due to weak permissions on /usr/lib/tmpfiles.d/tomcat.conf. Local users in the tomcat group can exploit this to gain root privileges via systemd-tmpfiles handling. T...
RedHat Update for tomcat RHSA-2016:2046-01
The remote host is missing an update for the...
RHEL 7 : tomcat (RHSA-2016:2046)
The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2016:2046 advisory. Apache Tomcat is a servlet container for the Java Servlet and JavaServer Pages (JSP) technologies. Security Fixes: It was discovered that the...
CVE-2016-5425
creationtimestamp | type | source
---|---|---
2016-10-10 10:52:23+00:00 | published-proof-of-concept | https://t.me/canyoupwnme/160
2016-10-11 16:36:42+00:00 | published-proof-of-concept | https://t.me/FullDisclosure/149
2023-03-14 10:44:22+00:00 | seen | ...
Apache Tomcat 8/7/6 (RedHat Based Distros) - Local Privilege Escalation
============================================= - Discovered by: Dawid Golunski - http://legalhackers.com - dawid at legalhackers.com - CVE-2016-5425 - Release date: 10.10.2016 - Revision: 1 - Severity: High ============================================= I. VULNERABILITY -------------------------...
Apache Tomcat 8 / 7 / 6 Privilege Escalation
============================================= - Discovered by: Dawid Golunski - http://legalhackers.com - dawid at legalhackers.com - CVE-2016-5425 - Release date: 10.10.2016 - Revision: 1 - Severity: High ============================================= I. VULNERABILITY -------------------------...