CVE-2013-1976

2013-07-0917:55:00

CWE-59

redhat

web.nvd.nist.gov

cve-2013-1976

tomcat

rpm

jboss

red hat

symlink attack

local users

file ownership

CVSS2

6.9

Attack Vector

LOCAL

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:M/Au:N/C:C/I:C/A:C

AI Score

6.1

Confidence

Low

EPSS

Percentile

5.1%

JSON

The (1) tomcat5, (2) tomcat6, and (3) tomcat7 init scripts, as used in the RPM distribution of Tomcat for JBoss Enterprise Web Server 1.0.2 and 2.0.0, and Red Hat Enterprise Linux 5 and 6, allow local users to change the ownership of arbitrary files via a symlink attack on (a) tomcat5-initd.log, (b) tomcat6-initd.log, © catalina.out, or (d) tomcat7-initd.log.

Affected configurations

Nvd

Node

redhatjboss_enterprise_web_serverMatch1.0.2

redhatjboss_enterprise_web_serverMatch2.0.0

redhatenterprise_linuxMatch5

redhatenterprise_linuxMatch6.0

VendorProductVersionCPE
redhatjboss_enterprise_web_server1.0.2cpe:2.3:a:redhat:jboss_enterprise_web_server:1.0.2:*:*:*:*:*:*:*
redhatjboss_enterprise_web_server2.0.0cpe:2.3:a:redhat:jboss_enterprise_web_server:2.0.0:*:*:*:*:*:*:*
redhatenterprise_linux5cpe:2.3:o:redhat:enterprise_linux:5:*:*:*:*:*:*:*
redhatenterprise_linux6.0cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
redhat	jboss_enterprise_web_server	1.0.2	cpe:2.3:a:redhat:jboss_enterprise_web_server:1.0.2:::::::*
redhat	jboss_enterprise_web_server	2.0.0	cpe:2.3:a:redhat:jboss_enterprise_web_server:2.0.0:::::::*
redhat	enterprise_linux	5	cpe:2.3:o:redhat:enterprise_linux:5:::::::*
redhat	enterprise_linux	6.0	cpe:2.3:o:redhat:enterprise_linux:6.0:::::::*