systemd (systemd-tmpfiles) < 236 - 'fs.protected_hardlinks=0' Local Privilege Escalation

Product: systemd systemd-tmpfiles Versions-affected: 236 and earlier Author: Michael Orlitzky Fixed-in: commit 5579f85 , version 237 Bug-report: https://github.com/systemd/systemd/issues/7736 Acknowledgments: Lennart Poettering who, instead of calling me an idiot for not realizing that systemd...

Apache Tomcat 8/7/6 (based on the RedHat distro)local mention the right vulnerability-vulnerability warning-the black bar safety net

I. vulnerability description Apache Tomcat on RedHat distributions local to mention the right vulnerability II. Background description Tomcat is by Apache Software Foundation subordinate's Jakarta a project development Servlet vessel, in accordance with Sun Microsystems to provide the technical...

tomcat: Local privilege escalation via systemd-tmpfiles service

It was discovered that the Tomcat packages installed configuration file /usr/lib/tmpfiles.d/tomcat.conf writeable to the tomcat group. A member of the group or a malicious web application deployed on Tomcat could use this flaw to escalate their privileges...