Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
ubuntucveUbuntu.comUB:CVE-2013-1976
HistoryJul 09, 2013 - 12:00 a.m.

CVE-2013-1976

2013-07-0900:00:00
ubuntu.com
ubuntu.com
11

6.9 Medium

CVSS2

Access Vector

LOCAL

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:M/Au:N/C:C/I:C/A:C

0.0004 Low

EPSS

Percentile

5.2%

JSON

The (1) tomcat5, (2) tomcat6, and (3) tomcat7 init scripts, as used in the
RPM distribution of Tomcat for JBoss Enterprise Web Server 1.0.2 and 2.0.0,
and Red Hat Enterprise Linux 5 and 6, allow local users to change the
ownership of arbitrary files via a symlink attack on (a) tomcat5-initd.log,
(b) tomcat6-initd.log, ยฉ catalina.out, or (d) tomcat7-initd.log.

Bugs

Notes

Author Note
mdeslaur in redhat-specific init script

Related

nessus 15
redhat 4
debiancve 1
oraclelinux 2
centos 2
openvas 13
veracode 1
seebug 1
prion 1
cve 1
amazon 1
mageia 1
f5 1
nessus
nessus
RHEL 5 / 6 : tomcat5 and tomcat6 (RHSA-2013:0872)
2013-05-30 00:00:00
Scientific Linux Security Update : tomcat5 on SL5.x i386/x86_64 (20130528)
2013-05-29 00:00:00
RHEL 5 / 6 : JBoss Web Server (RHSA-2013:0871)
2014-06-26 00:00:00
redhat
redhat
(RHSA-2013:0871) Important: tomcat6 and tomcat7 security update
2013-05-28 17:26:19
(RHSA-2013:0872) Important: tomcat5 and tomcat6 security update
2013-05-28 00:00:00
(RHSA-2013:0870) Important: tomcat5 security update
2013-05-28 00:00:00
debiancve
debiancve
CVE-2013-1976
2013-07-09 17:55:00
oraclelinux
oraclelinux
tomcat5 security update
2013-05-28 00:00:00
tomcat6 security update
2013-05-28 00:00:00
centos
centos
tomcat5 security update
2013-05-28 18:47:52
tomcat6 security update
2013-05-29 08:25:00
openvas
openvas
Amazon Linux: Security Advisory (ALAS-2013-196)
2015-09-08 00:00:00
CentOS Update for tomcat5 CESA-2013:0870 centos5
2013-05-31 00:00:00
RedHat Update for tomcat5 RHSA-2013:0870-01
2013-05-31 00:00:00
veracode
veracode
Privilege Escalation
2019-01-15 08:53:56
seebug
seebug
Apache Tomcat ไธๅฎ‰ๅ…จไธดๆ—ถๆ–‡ไปถๅค„็†ๆผๆดž(CVE-2013-1976)
2013-05-30 00:00:00
prion
prion
Input validation
2013-07-09 17:55:00
cve
cve
CVE-2013-1976
2013-07-09 17:55:00
amazon
amazon
Important: tomcat6
2013-06-11 22:44:00
mageia
mageia
Updated tomcat6 packages fix multiple vulnerabilities and logging
2014-02-17 22:13:24
f5
f5
K20038622 : Multiple Apache Tomcat vulnerabilities
2020-08-06 00:00:00

6.9 Medium

CVSS2

Access Vector

LOCAL

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:M/Au:N/C:C/I:C/A:C

0.0004 Low

EPSS

Percentile

5.2%

JSON
Related for UB:CVE-2013-1976
nessus15redhat4debiancve1oraclelinux2centos2openvas13veracode1seebug1prion1cve1amazon1mageia1f51