Download
| Alert*
ALAS-2013-196 ---- tomcat6
The tomcat5, tomcat6, and tomcat7 init scripts, as used in the RPM distribution of Tomcat for JBoss Enterprise Web Server 1.0.2 and 2.0.0, and Red Hat Enterprise Linux 5 and 6, allow local users to change the ownership of arbitrary files via a symlink attack on tomcat5-initd.log, tomcat6-initd.log, catalina.out, or tomcat7-initd.log.
|