Lucene search
F5F5:K61414056HistoryOct 20, 2016 - 12:00 a.m.
K61414056 : Apache Tomcat vulnerability CVE-2016-5425
2016-10-2000:00:00
my.f5.com
56
Security Advisory Description
The Tomcat package on Red Hat Enterprise Linux (RHEL) 7, Fedora, CentOS, Oracle Linux, and possibly other Linux distributions uses weak permissions for /usr/lib/tmpfiles.d/tomcat.conf, which allows local users to gain root privileges by leveraging membership in the tomcat group. (CVE-2016-5425)
Impact
There is no impact; F5 products are not affected by this vulnerability.
| CPE | Name | Operator | Version |
|---|---|---|---|
| big-ip afm | eq | 11.4.0 | |
| big-ip afm | eq | 11.4.1 | |
| big-ip afm | eq | 11.5.0 | |
| big-ip afm | eq | 11.5.1 | |
| big-ip afm | eq | 11.5.2 | |
| big-ip afm | eq | 11.5.3 | |
| big-ip afm | eq | 11.5.4 | |
| big-ip afm | eq | 11.6.0 | |
| big-ip afm | eq | 11.6.1 | |
| big-ip afm | eq | 12.0.0 |
Related
prion
prion
Design/Logic Flaw
2016-10-13 14:59:00
packetstorm
packetstorm
Apache Tomcat Privilege Escalation
2023-03-14 00:00:00
Apache Tomcat 8 / 7 / 6 Privilege Escalation
2016-10-10 00:00:00
ubuntucve
ubuntucve
CVE-2016-5425
2016-10-13 00:00:00
exploitpack
exploitpack
Apache Tomcat 876 (RedHat Based Distros) - Local Privilege Escalation
2016-10-10 00:00:00
nvd
nvd
CVE-2016-5425
2016-10-13 14:59:07
zdt
zdt
Apache Tomcat 8/7/6 (RedHat-Based Distros) - Privilege Escalation
2016-10-10 00:00:00
Apache Tomcat Privilege Escalation Exploit
2023-03-14 00:00:00
myhack58
myhack58
cve
cve
CVE-2016-5425
2016-10-13 14:59:07
f5
f5
SOL61414056 - Apache Tomcat vulnerability CVE-2016-5425
2016-10-20 00:00:00
metasploit
metasploit
cvelist
cvelist
CVE-2016-5425
2016-10-13 14:00:00
redhatcve
redhatcve
CVE-2016-5425
2016-10-10 08:17:29
debiancve
debiancve
CVE-2016-5425
2016-10-13 14:59:00
exploitdb
exploitdb
Apache Tomcat 8/7/6 (RedHat Based Distros) - Local Privilege Escalation
2016-10-10 00:00:00
rapid7blog
rapid7blog
Metasploit Weekly Wrap-Up
2023-03-17 19:33:24
redhat
redhat
(RHSA-2016:2046) Important: tomcat security update
2016-10-10 18:29:51
nessus
nessus
EulerOS 2.0 SP1 : tomcat (EulerOS-SA-2016-1049)
2017-05-01 00:00:00
Oracle Linux 7 : tomcat (ELSA-2016-2046) (httpoxy)
2016-10-11 00:00:00
RHEL 7 : tomcat (RHSA-2016:2046) (httpoxy)
2016-10-11 00:00:00
oraclelinux
oraclelinux
tomcat security update
2016-10-10 00:00:00
openvas
openvas
RedHat Update for tomcat RHSA-2016:2046-01
2016-10-11 00:00:00
Huawei EulerOS: Security Advisory for tomcat (EulerOS-SA-2016-1049)
2020-01-23 00:00:00
CentOS Update for tomcat CESA-2016:2046 centos7
2016-10-12 00:00:00
centos
centos
tomcat security update
2016-10-11 18:36:52
mageia
mageia
Updated tomcat packages fix security vulnerability
2016-11-05 01:29:35
fedora
fedora
[SECURITY] Fedora 25 Update: tomcat-8.0.38-1.fc25
2016-11-19 21:26:18
[SECURITY] Fedora 23 Update: tomcat-8.0.38-1.fc23
2016-11-13 02:21:02
[SECURITY] Fedora 24 Update: tomcat-8.0.38-1.fc24
2016-11-12 23:56:29
ibm
ibm
oracle
oracle
Oracle Critical Patch Update Advisory - October 2019
2020-01-22 00:00:00