CVE-2013-1976:CVE-2013-1976 - The tomcat init scripts in certain distributions allow local users to change ownership of arbitrary files via a symlink attack.

splash
Back

Description Preview

The (1) tomcat5, (2) tomcat6, and (3) tomcat7 init scripts, as used in the RPM distribution of Tomcat for JBoss Enterprise Web Server 1.0.2 and 2.0.0, and Red Hat Enterprise Linux 5 and 6, allow local users to change the ownership of arbitrary files via a symlink attack on (a) tomcat5-initd.log, (b) tomcat6-initd.log, (c) catalina.out, or (d) tomcat7-initd.log. This vulnerability could be exploited by a malicious local user to manipulate file ownership, potentially leading to unauthorized access or privilege escalation.

Overview

CVE-2013-1976 is a vulnerability in the tomcat init scripts found in certain distributions, allowing local users to modify file ownership through a symlink attack. The affected versions include Tomcat for JBoss Enterprise Web Server 1.0.2 and 2.0.0, as well as Red Hat Enterprise Linux 5 and 6.

Remediation

To remediate this vulnerability, it is recommended to apply the necessary patches provided by the respective vendors. Users should update their affected systems to the latest versions of the tomcat init scripts to mitigate the symlink attack vector. Additionally, it is advised to review and adjust file permissions to prevent unauthorized changes to file ownership by local users.

References

  1. Red Hat Security Advisory RHSA-2013:0871 - http://rhn.redhat.com/errata/RHSA-2013-0871.html
  2. Red Hat Security Advisory RHSA-2013:0869 - http://rhn.redhat.com/errata/RHSA-2013-0869.html
  3. Bugzilla Report for CVE-2013-1976 - https://bugzilla.redhat.com/show_bug.cgi?id=927622
  4. Red Hat Security Advisory RHSA-2013:0870 - http://rhn.redhat.com/errata/RHSA-2013-0870.html
  5. Red Hat Security Advisory RHSA-2013:0872 - http://rhn.redhat.com/errata/RHSA-2013-0872.html
  6. openSUSE-SU-2013:1306 - http://lists.opensuse.org/opensuse-updates/2013-08/msg00013.html

Industry ExposureMost to least
This section illustrates the prevalence of a specific Common Vulnerabilities and Exposures (CVE) across various industries based on customer reports. The ranking displays industries from the most to least affected by this particular vulnerability, offering valuable insight into where this CVE has been most frequently observed. This information can help organizations within these sectors prioritize their security efforts, understand their relative risk exposure compared to their peers, and focus remediation strategies where they are most needed. By understanding the industry-specific impact, organizations can make more informed decisions regarding patching, resource allocation, and overall risk management related to this CVE.

  1. Manufacturing
    Manufacturing
  2. Management of Companies & Enterprises
    Management of Companies & Enterprises
  3. Transportation & Warehousing
    Transportation & Warehousing
  4. Health Care & Social Assistance
    Health Care & Social Assistance
  5. Professional, Scientific, & Technical Services
    Professional, Scientific, & Technical Services
  6. Educational Services
    Educational Services
  7. Finance and Insurance
    Finance and Insurance
  8. Wholesale Trade
    Wholesale Trade
  9. Accommodation & Food Services
    Accommodation & Food Services
  10. Administrative, Support, Waste Management & Remediation Services
    Administrative, Support, Waste Management & Remediation Services
  11. Agriculture, Forestry Fishing & Hunting
    Agriculture, Forestry Fishing & Hunting
  12. Arts, Entertainment & Recreation
    Arts, Entertainment & Recreation
  13. Construction
    Construction
  14. Information
    Information
  15. Mining
    Mining
  16. Other Services (except Public Administration)
    Other Services (except Public Administration)
  17. Public Administration
    Public Administration
  18. Real Estate Rental & Leasing
    Real Estate Rental & Leasing
  19. Retail Trade
    Retail Trade
  20. Utilities
    Utilities

Focus on What Matters

  1. See Everything.
  2. Identify True Risk.
  3. Proactively Mitigate Threats.

Let's talk!

background
Armis Vulnerability Intelligence Database