PT-2013-3499 · Apache+3 · Apache Tomcat+4

Simon Fayer

·

Published

2013-05-28

·

Updated

2024-06-15

·

CVE-2013-1976

CVSS v2.0

6.9

Medium

Vector

AV:L/AC:M/Au:N/C:C/I:C/A:C
Name of the Vulnerable Software and Affected Versions

Tomcat versions in JBoss Enterprise Web Server 1.0.2 and 2.0.0
Tomcat versions in Red Hat Enterprise Linux 5 and 6

Description

The init scripts shipped with these Tomcat packages run as root and set the ownership of the log files tomcat5-initd.log, tomcat6-initd.log, catalina.out and tomcat7-initd.log by pathname. Those files live in a directory the Tomcat service account can write to, so a local user running as that account (for example code in a deployed web application) can replace a log file with a symbolic link. The init script follows the link and changes the ownership of the link target instead, which lets the attacker take ownership of arbitrary files on the system. The CVSS vector reflects this: local access and a timing-dependent attack (AV:L/AC:M), but full loss of confidentiality, integrity and availability once a system file such as the password database is owned by the attacker.

Recommendations

Apply the vendor updates listed under Related identifiers (RHSA-2013:0869, 0870, 0871 and 0872 for Red Hat Enterprise Linux 5 and 6 and JBoss Enterprise Web Server 1.0.2 and 2.0.0, and the corresponding CentOS, Mageia and SUSE advisories). Until the update is installed, make sure no untrusted local user, including the Tomcat service account, can write to the directory that holds these log files: replacing a file with a symlink needs write permission on the directory, not on the file, so restricting the file alone is not enough. As a temporary workaround the existing log files can be marked immutable (chattr +i) so they cannot be removed or renamed; note that an immutable file also rejects appends, so Tomcat stops writing to catalina.out while the attribute is set, whereas the append-only attribute (chattr +a) still blocks deletion and renaming but keeps logging working.
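The pattern behind the flaw, and the safe way to perform the same step, as an added example written for this page (it is not code from Red Hat, JBoss or the Tomcat project). The root-owned init-script step is modelled in Python on Linux; the privileged operation is shown with chmod rather than chown so that its effect is observable without root, since both follow symlinks when given a pathname and the ownership fix-up should be done with fchown on a descriptor in exactly the same way. The directory layout, the victim file, its contents and the log file name chosen are all constructed for the demo.

```python
import os
import shutil
import stat
import tempfile

# Constructed scenario (assumption): the attacker controls the log directory
# and has pointed one of the log file names from the advisory at a file they
# cannot otherwise modify.
LOG_NAME = "tomcat6-initd.log"


def build_scenario():
    """Build a throwaway layout: a protected 'victim' file (stand-in for a
    system file such as /etc/shadow) and a log directory in which the
    expected log file name is a symlink planted by the attacker."""
    root = tempfile.mkdtemp(prefix="cve-2013-1976-demo-")
    victim = os.path.join(root, "victim")
    with open(victim, "w") as fh:
        fh.write("constructed sample contents\n")
    os.chmod(victim, 0o600)
    logdir = os.path.join(root, "logs")
    os.mkdir(logdir)
    log_path = os.path.join(logdir, LOG_NAME)
    os.symlink(victim, log_path)            # the attacker's symlink
    return root, victim, log_path


def vulnerable_prepare_log(log_path, mode=0o666):
    """Init-script style: create the log if missing, then fix up its
    permissions by pathname. os.chmod, like chown(1) and os.chown, follows
    symlinks, so the operation lands on whatever the link points at."""
    if not os.path.exists(log_path):        # exists() follows symlinks too
        open(log_path, "a").close()         # a dangling link would create the target
    os.chmod(log_path, mode)


def safe_prepare_log(log_path, mode=0o640):
    """Open with O_NOFOLLOW and operate on the descriptor: a symlink at
    log_path fails with ELOOP, and there is no window between a check and
    the privileged operation. The real ownership fix-up would be
    os.fchown(fd, uid, gid) at the same point; fchmod is used here so the
    effect is visible without root."""
    flags = os.O_WRONLY | os.O_CREAT | os.O_APPEND | os.O_NOFOLLOW | os.O_CLOEXEC
    try:
        fd = os.open(log_path, flags, mode)
    except OSError:
        return False                        # ELOOP: refused to follow the link
    try:
        if not stat.S_ISREG(os.fstat(fd).st_mode):
            return False                    # a FIFO or device is not a log file either
        os.fchmod(fd, mode)
        return True
    finally:
        os.close(fd)


def mode_of(path):
    """Permission bits of the file itself (following symlinks, as chmod does)."""
    return stat.S_IMODE(os.stat(path).st_mode)


def run_demo():
    """Run both variants against the planted symlink and return what happened."""
    root, victim, log_path = build_scenario()
    try:
        result = {"victim_mode_before": mode_of(victim)}
        result["safe_refused"] = not safe_prepare_log(log_path)
        result["victim_mode_after_safe"] = mode_of(victim)
        vulnerable_prepare_log(log_path)
        result["victim_mode_after_vulnerable"] = mode_of(victim)
        fresh = os.path.join(os.path.dirname(log_path), "catalina.out")  # a genuine new log
        result["fresh_created"] = safe_prepare_log(fresh)
        result["fresh_mode"] = mode_of(fresh)
        return result
    finally:
        shutil.rmtree(root)


if __name__ == "__main__":
    for key, value in run_demo().items():
        print(f"{key}: {value if isinstance(value, bool) else oct(value)}")
```

The hardened variant is deliberately not a check-then-act sequence: `test -L "$LOG"` followed by `chown` in a shell script still leaves a race in which the link is renamed into place between the two commands. Opening with O_NOFOLLOW and acting on the descriptor closes that window. What remains is the precondition from the recommendations: an untrusted account must not be able to write to the log directory at all, because renaming a link into place requires write access to the directory, not to the file.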

Fix

Weakness Enumeration

Link Following

Related identifiers

CESA-2013_0869
CVE-2013-1976
MGASA-2014-0082
OPENSUSE-SU-2024:10153-1
OPENSUSE-SU-2024:10446-1
OPENSUSE-SU-2024:13441-1
RHSA-2013:0869
RHSA-2013:0870
RHSA-2013:0871
RHSA-2013:0872
RHSA-2013_0869
RHSA-2013_0870
SUSE-RU-2023:3956-1
SUSE-RU-2023:4991-1

Affected products

Centos
Jboss Enterprise Web Server
Red Hat
Suse
Apache Tomcat