Date: Fri, 30 Sep 2016 21:15:35 -0300 From: Dawid Golunski <dawid@...alhackers.com> To: oss-security@...ts.openwall.com Subject: CVE-2016-1240 - Tomcat packaging on Debian-based distros - Local Root Privilege Escalation CVE: CVE-2016-1240 Vulnerability: Tomcat packaging on Debian-based distros - Local Root Privilege Escalation Affected packages: Tomcat 6/7/8 deb packages (up to 8.0.36-2) Systems affected: Debian & Ubuntu & possibly others (using the affected deb packages) Discovered by: Dawid Golunski (http://legalhackers.com) Tomcat (6, 7, 8) packages provided by default repositories on Debian-based distributions (including Debian, Ubuntu etc.) provide a vulnerable tomcat init script that allows local attackers who have already gained access to the tomcat account (for example, by exploiting an RCE vulnerability in a java web application hosted on Tomcat, uploading a webshell etc.) to escalate their privileges from tomcat user to root and fully compromise the target system. The full Advisory and a PoC exploit can be found at: http://legalhackers.com/advisories/Tomcat-DebPkgs-Root-Privilege-Escalation-Exploit-CVE-2016-1240.html -- Regards, Dawid Golunski http://legalhackers.com
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.