Back to search
CVE-2016-5425
Published: Oct 13, 2016
Modified: Aug 6, 2024
PUBLISHED
Description
The Tomcat package on Red Hat Enterprise Linux (RHEL) 7, Fedora, CentOS, Oracle Linux, and possibly other Linux distributions uses weak permissions for /usr/lib/tmpfiles.d/tomcat.conf, which allows local users to gain root privileges by leveraging membership in the tomcat group.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
1036979
vdb-entry
x_refsource_SECTRACK
93472
vdb-entry
x_refsource_BID
RHSA-2016:2046
vendor-advisory
x_refsource_REDHAT
40488
exploit
x_refsource_EXPLOIT-DB
[activemq-issues] 20190925 [jira] [Created] (AMQ-7310) Security Vulnerabilities in Tomcat-websocket-api.jar
mailing-list
x_refsource_MLIST
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now