Apache · Apache Tomcat · CVE-2011-2729
**Name of the Vulnerable Software and Affected Versions**
Apache Commons Daemon jsvc versions 1.0.3 through 1.0.6
Apache Tomcat versions 5.5.32 through 5.5.33
Apache Tomcat versions 6.0.30 through 6.0.32
Apache Tomcat versions 7.0.x before 7.0.20
**Description**
The issue arises from a bug in the capabilities code of jsvc, which is part of the Commons Daemon project and is used in Apache Tomcat. This bug prevents jsvc from dropping capabilities, allowing remote attackers to bypass read permissions for files via a request to an application. The vulnerability is specific to Tomcat running on a Linux operating system where jsvc was compiled with the libcap parameter and is run with the -user parameter.
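A defender's check for the condition described above, added here as an example (not code from the Commons Daemon or Tomcat projects): it reads the Linux /proc/<pid>/status of a jsvc child and reports whether the effective capability set is empty after the switch to the -user account. Capability bit numbers come from linux/capability.h; the two status samples are constructed for illustration, not real captures.

```python
import re

# Linux capability bit numbers (linux/capability.h). Only bits 0-31 are
# named here; higher bits are reported by number.
CAP_NAMES = [
    "CAP_CHOWN", "CAP_DAC_OVERRIDE", "CAP_DAC_READ_SEARCH", "CAP_FOWNER",
    "CAP_FSETID", "CAP_KILL", "CAP_SETGID", "CAP_SETUID", "CAP_SETPCAP",
    "CAP_LINUX_IMMUTABLE", "CAP_NET_BIND_SERVICE", "CAP_NET_BROADCAST",
    "CAP_NET_ADMIN", "CAP_NET_RAW", "CAP_IPC_LOCK", "CAP_IPC_OWNER",
    "CAP_SYS_MODULE", "CAP_SYS_RAWIO", "CAP_SYS_CHROOT", "CAP_SYS_PTRACE",
    "CAP_SYS_PACCT", "CAP_SYS_ADMIN", "CAP_SYS_BOOT", "CAP_SYS_NICE",
    "CAP_SYS_RESOURCE", "CAP_SYS_TIME", "CAP_SYS_TTY_CONFIG", "CAP_MKNOD",
    "CAP_LEASE", "CAP_AUDIT_WRITE", "CAP_AUDIT_CONTROL", "CAP_SETFCAP",
]
# Capabilities that let a process read files regardless of their mode bits,
# i.e. the ones whose retention matches the impact described in the advisory.
FILE_READ_BYPASS = {"CAP_DAC_OVERRIDE", "CAP_DAC_READ_SEARCH"}

def decode_caps(mask):
    """Turn a CapEff/CapPrm bitmask into a list of capability names."""
    names, bit = [], 0
    while mask >> bit:
        if (mask >> bit) & 1:
            names.append(CAP_NAMES[bit] if bit < len(CAP_NAMES) else f"CAP_{bit}")
        bit += 1
    return names

def assess_status(status_text):
    """Parse /proc/<pid>/status text and judge whether the process dropped
    its capabilities after switching away from uid 0."""
    fields = dict(re.findall(r"^(\w+):\s*(.*)$", status_text, re.M))
    euid = int(fields["Uid"].split()[1])          # second column is the effective uid
    eff = decode_caps(int(fields["CapEff"], 16))
    return {
        "euid": euid,
        "effective": eff,
        "file_read_bypass": sorted(FILE_READ_BYPASS & set(eff)),
        "dropped": euid != 0 and not eff,        # unprivileged uid AND empty effective set
    }

def assess_pid(pid):
    """Live check against a running jsvc child (Linux only)."""
    with open(f"/proc/{pid}/status") as f:
        return assess_status(f.read())

# Constructed samples: a child that dropped everything, and one that changed
# uid but kept an effective set (bits 1, 2 and 10 -> 0x406).
STATUS_FIXED = "Name:\tjsvc\nUid:\t1000\t1000\t1000\t1000\nCapPrm:\t0000000000000000\nCapEff:\t0000000000000000\n"
STATUS_RETAINED = "Name:\tjsvc\nUid:\t1000\t1000\t1000\t1000\nCapPrm:\t0000000000000406\nCapEff:\t0000000000000406\n"

if __name__ == "__main__":
    for label, text in (("fixed", STATUS_FIXED), ("retained", STATUS_RETAINED)):
        print(label, assess_status(text))
```

On a real host, `assess_pid(<pid of the Tomcat jsvc child>)` should report `dropped: True` once the fixed jsvc is in place; a non-empty `file_read_bypass` list is the symptom to act on.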
**Recommendations**
For Apache Commons Daemon jsvc versions 1.0.3 through 1.0.6, update to a version that includes the fix for the capabilities code bug.
For Apache Tomcat versions 5.5.32 through 5.5.33, update to a version that includes the fixed jsvc.
For Apache Tomcat versions 6.0.30 through 6.0.32, update to a version that includes the fixed jsvc.
For Apache Tomcat versions 7.0.x before 7.0.20, update to version 7.0.20 or later.