← back
CVE-2004-1452

CVE-2004-1452

EPSS 0.4%
Tomcat before 5.0.27-r3 in Gentoo Linux sets the default permissions on the init scripts as tomcat:tomcat, but executes the scripts with root privileges, which could allow local users in the tomcat group to execute arbitrary commands as root by modifying the scripts.
Affected products
n/a · n/a

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
http://secunia.com/advisories/12296/https://exchange.xforce.ibmcloud.com/vulnerabilities/16993http://www.gentoo.org/security/en/glsa/glsa-200408-15.xmlhttp://www.securityfocus.com/bid/10951