blob: ff125490d384ea7f756fcf6effa8fc01a9c2e449 [file] [log] [blame]
<?xml version="1.0" encoding="utf-8"?>
<glsa id="200408-15">
<title>Tomcat: Insecure installation</title>
Improper file ownership may allow a member of the tomcat group to execute
scripts as root.
<product type="ebuild">tomcat</product>
<announced>August 15, 2004</announced>
<revised>May 22, 2006: 04</revised>
<package name="www-servers/tomcat" auto="yes" arch="*">
<unaffected range="ge">5.0.27-r3</unaffected>
<unaffected range="rge">4.1.30-r4</unaffected>
<unaffected range="rge">3.3.2-r2</unaffected>
<vulnerable range="lt">5.0.27-r3</vulnerable>
Tomcat is the Apache Jakarta Project's official implementation of Java
Servlets and Java Server Pages.
The Gentoo ebuild for Tomcat sets the ownership of the Tomcat init
scripts as tomcat:tomcat, but those scripts are executed with root
privileges when the system is started. This may allow a member of the
tomcat group to run arbitrary code with root privileges when the Tomcat
init scripts are run.
<impact type="normal">
This could lead to a local privilege escalation or root compromise by
authenticated users.
Users may change the ownership of /etc/init.d/tomcat* and
/etc/conf.d/tomcat* to be root:root:
# chown -R root:root /etc/init.d/tomcat*
# chown -R root:root /etc/conf.d/tomcat*</code>
All Tomcat users can upgrade to the latest stable version, or simply
apply the workaround:
# emerge sync
# emerge -pv &quot;&gt;=www-servers/tomcat-5.0.27-r3&quot;
# emerge &quot;&gt;=www-servers/tomcat-5.0.27-r3&quot;</code>
<uri link="">CVE-2004-1452</uri>
<metadata tag="submitter" timestamp="Sun, 8 Aug 2004 20:54:24 +0000">