This Metasploit module targets a vulnerability in Tomcat versions 6, 7, and 8 on Debian-based distributions where these older versions provide a vulnerable tomcat init script that allows local attackers who have already gained access to the tomcat account to escalate their privileges from the tomcat user to root and fully compromise the target system.
0ac41921eb75c8008e9f94786db836a9f76e614d54c6925c606eecf1de5fb188Ubuntu Security Notice 3081-2 - Dawid Golunski discovered that the Tomcat init script incorrectly handled creating log files. A remote attacker could possibly use this issue to obtain root privileges.
a5c9a3a9bdb78367603007ec8640aaab2dc3486f9c257dae7a0d8cdaa28cc548Gentoo Linux Security Advisory 201705-9 - Multiple vulnerabilities have been found in Apache Tomcat, the worst of which could lead to privilege escalation. Versions less than 8.0.36 are affected.
32a00eece0fedfca7e3d14c18c552d78e1bb762223bc097962ee70ea1c994b64Red Hat Security Advisory 2017-0457-01 - Red Hat JBoss Web Server is a fully integrated and certified set of components for hosting Java web applications. It is comprised of the Apache HTTP Server, the Apache Tomcat Servlet container, Apache Tomcat Connector, JBoss HTTP Connector, Hibernate, and the Tomcat Native library. This release of Red Hat JBoss Web Server 3.1.0 serves as a replacement for Red Hat JBoss Web Server 3.0.3, and includes enhancements. Multiple security issues have been addressed.
7b6d937a7363eb3534a17e5753987b42852580f1bf77ab54d81316639581af8aRed Hat Security Advisory 2017-0456-01 - Red Hat JBoss Web Server is a fully integrated and certified set of components for hosting Java web applications. It is comprised of the Apache HTTP Server, the Apache Tomcat Servlet container, Apache Tomcat Connector, JBoss HTTP Connector, Hibernate, and the Tomcat Native library. This release of Red Hat JBoss Web Server 3.1.0 serves as a replacement for Red Hat JBoss Web Server 3.0.3, and includes enhancements. Multiple security issues have been addressed.
439006faa54fcb1a99274f4917c65ee29688301c270ba766630fe134a170fcffRed Hat Security Advisory 2017-0455-01 - Red Hat JBoss Web Server is a fully integrated and certified set of components for hosting Java web applications. It is comprised of the Apache HTTP Server, the Apache Tomcat Servlet container, Apache Tomcat Connector, JBoss HTTP Connector, Hibernate, and the Tomcat Native library. This release of Red Hat JBoss Web Server 3.1.0 serves as a replacement for Red Hat JBoss Web Server 3.0.3, and includes enhancements. Multiple security issues have been addressed.
229900bcc01d582272cfb12959e445a23c0cd6ee8d637f7acf5f7769ec2c427dApache Tomcat versions 8.0.36-2 and below, 7.0.70-2 and below, and 6.0.45+dfsg-1~deb8ul and below suffer from a local root privilege escalation vulnerability.
893a92e39c86918879337de752d3a9e073dfec764fa778ff27ab1e26ede6e1a3Ubuntu Security Notice 3081-1 - Dawid Golunski discovered that the Tomcat init script incorrectly handled creating log files. A remote attacker could possibly use this issue to obtain root privileges. This update also reverts a change in behavior introduced in USN-3024-1 by setting mapperContextRootRedirectEnabled to True by default.
675f6057a1c1f0a39c448e746d1b909c252d28c8cb0a684b52fd7a96408910f7Debian Linux Security Advisory 3669-1 - Dawid Golunski of LegalHackers discovered that the Tomcat init script performed unsafe file handling, which could result in local privilege escalation.
206d6b75119861b8a83da66629ef1f00284e5a30f11fb052bc9a1f4f46863523
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed