CVE-2016-5425
Reported by redhat · Published October 13, 2016
The Tomcat package on Red Hat Enterprise Linux (RHEL) 7, Fedora, CentOS, Oracle Linux, and possibly other Linux distributions uses weak permissions for /usr/lib/tmpfiles.d/tomcat.conf, which allows local users to gain root privileges by leveraging membership in the tomcat group.
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| chainguard | tomcat-8.5.87 | *, * |
Exploit Intelligence
- http://legalhackers.com/advisories/Tomcat-RedHat-Pkgs-Root-PrivEsc-Exploit-CVE-2016-5425.html (nist-nvd)
- http://packetstormsecurity.com/files/139041/Apache-Tomcat-8-7-6-Privilege-Escalation.html (nist-nvd)
- 40488 (cve.org)
- Apache Tomcat Privilege Escalation Exploit (0day-today)
- Apache Tomcat 8/7/6 (RedHat-Based Distros) - Privilege Escalation (0day-today)
Timeline
- Oct 10, 2016 PoC Published
- Oct 13, 2016 CVE Published
- Feb 4, 2022 EPSS Score
- Mar 29, 2022 EPSS Score
- Jul 12, 2022 EPSS Score
- Sep 3, 2022 EPSS Score
- Oct 26, 2022 EPSS Score
- Feb 3, 2023 EPSS Score
- Feb 8, 2023 EPSS Score
- Feb 13, 2023 EPSS Score
- Mar 7, 2023 EPSS Score
- Mar 14, 2023 PoC Published
References
- SecurityTracker 1036979 (vdb-entry)
- BID 93472 (vdb-entry)
- [oss-security] 20161010 CVE-2016-5425 - Apache Tomcat packaging on RedHat-based distros - Root Privilege Escalation (affecting CentOS, Fedora, OracleLinux, RedHat etc.) (mailing list)
- RHSA-2016:2046 (Red Hat vendor advisory)
- Exploit-DB 40488 (exploit)
- [activemq-issues] 20190925 [jira] [Created] (AMQ-7310) Security Vulnerabilities in Tomcat-websocket-api.jar (mailing list)