Lucene search
HistoryDec 31, 2004 - 5:00 a.m.
CVE-2004-1452
CVSS2
7.2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:L/Au:N/C:C/I:C/A:C
AI Score
7.2
Confidence
High
EPSS
0
Percentile
5.1%
Tomcat before 5.0.27-r3 in Gentoo Linux sets the default permissions on the init scripts as tomcat:tomcat, but executes the scripts with root privileges, which could allow local users in the tomcat group to execute arbitrary commands as root by modifying the scripts.
Affected configurations
Node
gentoolinuxMatch0.5
ORgentoolinuxMatch0.7
ORgentoolinuxMatch1.1a
ORgentoolinuxMatch1.2
ORgentoolinuxMatch1.4
ORgentoolinuxMatch1.4rc1
ORgentoolinuxMatch1.4rc2
ORgentoolinuxMatch1.4rc3
| Vendor | Product | Version | CPE |
|---|---|---|---|
| gentoo | linux | 0.5 | cpe:2.3:o:gentoo:linux:0.5:*:*:*:*:*:*:* |
| gentoo | linux | 0.7 | cpe:2.3:o:gentoo:linux:0.7:*:*:*:*:*:*:* |
| gentoo | linux | 1.1a | cpe:2.3:o:gentoo:linux:1.1a:*:*:*:*:*:*:* |
| gentoo | linux | 1.2 | cpe:2.3:o:gentoo:linux:1.2:*:*:*:*:*:*:* |
| gentoo | linux | 1.4 | cpe:2.3:o:gentoo:linux:1.4:*:*:*:*:*:*:* |
| gentoo | linux | 1.4 | cpe:2.3:o:gentoo:linux:1.4:rc1:*:*:*:*:*:* |
| gentoo | linux | 1.4 | cpe:2.3:o:gentoo:linux:1.4:rc2:*:*:*:*:*:* |
| gentoo | linux | 1.4 | cpe:2.3:o:gentoo:linux:1.4:rc3:*:*:*:*:*:* |
Related
openvas
openvas
Gentoo Security Advisory GLSA 200408-15 (tomcat)
2008-09-24 00:00:00
Gentoo Security Advisory GLSA 200408-15 (tomcat)
2008-09-24 00:00:00
cvelist
cvelist
CVE-2004-1452
2005-02-13 05:00:00
cve
cve
CVE-2004-1452
2005-02-13 05:00:00
nessus
nessus
GLSA-200408-15 : Tomcat: Insecure installation
2004-08-30 00:00:00
gentoo
gentoo
Tomcat: Insecure installation
2004-08-15 00:00:00
CVSS2
7.2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:L/Au:N/C:C/I:C/A:C
AI Score
7.2
Confidence
High
EPSS
0
Percentile
5.1%
Related for NVD:CVE-2004-1452