CVE-2013-1976

JBoss Enterprise Web Server 1.0.2 and 2.0.0 - Symlink Attack via Tomcat Init Script Log Files


Description

The (1) tomcat5, (2) tomcat6, and (3) tomcat7 init scripts, as used in the RPM distribution of Tomcat for JBoss Enterprise Web Server 1.0.2 and 2.0.0, and Red Hat Enterprise Linux 5 and 6, allow local users to change the ownership of arbitrary files via a symlink attack on (a) tomcat5-initd.log, (b) tomcat6-initd.log, (c) catalina.out, or (d) tomcat7-initd.log.

References (6)

Core References

Vendor Advisory (vendor-advisory, x_refsource_redhat): http://rhn.redhat.com/errata/RHSA-2013-0871.html
Vendor Advisory (vendor-advisory, x_refsource_redhat): http://rhn.redhat.com/errata/RHSA-2013-0869.html
Vendor Advisory (x_refsource_confirm): https://bugzilla.redhat.com/show_bug.cgi?id=927622
Vendor Advisory (vendor-advisory, x_refsource_redhat): http://rhn.redhat.com/errata/RHSA-2013-0870.html
Vendor Advisory (vendor-advisory, x_refsource_redhat): http://rhn.redhat.com/errata/RHSA-2013-0872.html
Mailing List (vendor-advisory, x_refsource_suse): http://lists.opensuse.org/opensuse-updates/2013-08/msg00013.html

Scores

EPSS 0.0037
EPSS Percentile 28.8%

Details

CWE
CWE-59 (Improper Link Resolution Before File Access, "Link Following")
Status published
Products (4)
redhat/enterprise_linux 5
redhat/enterprise_linux 6.0
redhat/jboss_enterprise_web_server 1.0.2
redhat/jboss_enterprise_web_server 2.0.0
Published Jul 09, 2013
Tracked Since Feb 18, 2026