{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2013-05-28T00:00:00", "descriptions": [{"lang": "en", "value": "The (1) tomcat5, (2) tomcat6, and (3) tomcat7 init scripts, as used in the RPM distribution of Tomcat for JBoss Enterprise Web Server 1.0.2 and 2.0.0, and Red Hat Enterprise Linux 5 and 6, allow local users to change the ownership of arbitrary files via a symlink attack on (a) tomcat5-initd.log, (b) tomcat6-initd.log, (c) catalina.out, or (d) tomcat7-initd.log."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2014-01-03T22:57:01", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat"}, "references": [{"name": "RHSA-2013:0871", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "http://rhn.redhat.com/errata/RHSA-2013-0871.html"}, {"name": "RHSA-2013:0869", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "http://rhn.redhat.com/errata/RHSA-2013-0869.html"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=927622"}, {"name": "RHSA-2013:0870", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "http://rhn.redhat.com/errata/RHSA-2013-0870.html"}, {"name": "RHSA-2013:0872", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "http://rhn.redhat.com/errata/RHSA-2013-0872.html"}, {"name": "openSUSE-SU-2013:1306", "tags": ["vendor-advisory", "x_refsource_SUSE"], "url": "http://lists.opensuse.org/opensuse-updates/2013-08/msg00013.html"}]}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-06T15:20:37.484Z"}, "title": "CVE Program Container", "references": [{"name": "RHSA-2013:0871", "tags": ["vendor-advisory", "x_refsource_REDHAT", "x_transferred"], "url": "http://rhn.redhat.com/errata/RHSA-2013-0871.html"}, {"name": "RHSA-2013:0869", "tags": ["vendor-advisory", "x_refsource_REDHAT", "x_transferred"], "url": "http://rhn.redhat.com/errata/RHSA-2013-0869.html"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=927622"}, {"name": "RHSA-2013:0870", "tags": ["vendor-advisory", "x_refsource_REDHAT", "x_transferred"], "url": "http://rhn.redhat.com/errata/RHSA-2013-0870.html"}, {"name": "RHSA-2013:0872", "tags": ["vendor-advisory", "x_refsource_REDHAT", "x_transferred"], "url": "http://rhn.redhat.com/errata/RHSA-2013-0872.html"}, {"name": "openSUSE-SU-2013:1306", "tags": ["vendor-advisory", "x_refsource_SUSE", "x_transferred"], "url": "http://lists.opensuse.org/opensuse-updates/2013-08/msg00013.html"}]}]}, "cveMetadata": {"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2013-1976", "datePublished": "2013-07-09T17:00:00", "dateReserved": "2013-02-19T00:00:00", "dateUpdated": "2024-08-06T15:20:37.484Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:redhat:jboss_enterprise_web_server:1.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "36684290-780F-444A-8534-907C52796F6A", "vulnerable": true}, {"criteria": "cpe:2.3:a:redhat:jboss_enterprise_web_server:2.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "681173DF-537E-4A64-8FC7-75F439CCAD0D", "vulnerable": true}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux:5:*:*:*:*:*:*:*", "matchCriteriaId": "AA9B3CC0-DF1C-4A86-B2A3-A9D428A5A6E6", "vulnerable": true}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "2F6AB192-9D7D-4A9A-8995-E53A9DE9EAFC", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "The (1) tomcat5, (2) tomcat6, and (3) tomcat7 init scripts, as used in the RPM distribution of Tomcat for JBoss Enterprise Web Server 1.0.2 and 2.0.0, and Red Hat Enterprise Linux 5 and 6, allow local users to change the ownership of arbitrary files via a symlink attack on (a) tomcat5-initd.log, (b) tomcat6-initd.log, (c) catalina.out, or (d) tomcat7-initd.log."}, {"lang": "es", "value": "Los scripts de inicio de (1) tomcat5, (2) tomcat6, y (3) tomcat7, como los usados en las distribuciones RPM de Tomcat para JBoss Enterprise Web Server v1.0.2 y v2.0.0, y Red Hat Enterprise Linux 5 y 6, permite a usuarios locales cambiar el propietario de ficheros a trav\u00e9s de un ataque de enlace simb\u00f3lico sobre a) tomcat5-initd.log, (b) tomcat6-initd.log, (c) catalina.out, o (d) tomcat7-initd.log."}], "id": "CVE-2013-1976", "lastModified": "2025-04-11T00:51:21.963", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 6.9, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:L/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0"}, "exploitabilityScore": 3.4, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2013-07-09T17:55:00.950", "references": [{"source": "secalert@redhat.com", "url": "http://lists.opensuse.org/opensuse-updates/2013-08/msg00013.html"}, {"source": "secalert@redhat.com", "tags": ["Vendor Advisory"], "url": "http://rhn.redhat.com/errata/RHSA-2013-0869.html"}, {"source": "secalert@redhat.com", "tags": ["Vendor Advisory"], "url": "http://rhn.redhat.com/errata/RHSA-2013-0870.html"}, {"source": "secalert@redhat.com", "tags": ["Vendor Advisory"], "url": "http://rhn.redhat.com/errata/RHSA-2013-0871.html"}, {"source": "secalert@redhat.com", "tags": ["Vendor Advisory"], "url": "http://rhn.redhat.com/errata/RHSA-2013-0872.html"}, {"source": "secalert@redhat.com", "tags": ["Vendor Advisory"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=927622"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.opensuse.org/opensuse-updates/2013-08/msg00013.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "http://rhn.redhat.com/errata/RHSA-2013-0869.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "http://rhn.redhat.com/errata/RHSA-2013-0870.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "http://rhn.redhat.com/errata/RHSA-2013-0871.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "http://rhn.redhat.com/errata/RHSA-2013-0872.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=927622"}], "sourceIdentifier": "secalert@redhat.com", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-59"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{"acknowledgement": "Red Hat would like to thank Simon Fayer (Imperial College London) for reporting this issue.", "affected_release": [{"advisory": "RHSA-2013:0870", "cpe": "cpe:/o:redhat:enterprise_linux:5", "package": "tomcat5-0:5.5.23-0jpp.40.el5_9", "product_name": "Red Hat Enterprise Linux 5", "release_date": "2013-05-28T00:00:00Z"}, {"advisory": "RHSA-2013:0869", "cpe": "cpe:/o:redhat:enterprise_linux:6", "package": "tomcat6-0:6.0.24-55.el6_4", "product_name": "Red Hat Enterprise Linux 6", "release_date": "2013-05-28T00:00:00Z"}, {"advisory": "RHSA-2013:0872", "cpe": "cpe:/a:redhat:jboss_enterprise_web_server:1::el5", "package": "tomcat5-0:5.5.33-33_patch_09.ep5.el5", "product_name": "Red Hat JBoss Enterprise Web Server 1 for RHEL 5", "release_date": "2013-05-28T00:00:00Z"}, {"advisory": "RHSA-2013:0872", "cpe": "cpe:/a:redhat:jboss_enterprise_web_server:1::el5", "package": "tomcat6-0:6.0.32-32_patch_09.ep5.el5", "product_name": "Red Hat JBoss Enterprise Web Server 1 for RHEL 5", "release_date": "2013-05-28T00:00:00Z"}, {"advisory": "RHSA-2013:0872", "cpe": "cpe:/a:redhat:jboss_enterprise_web_server:1::el6", "package": "tomcat5-0:5.5.33-36_patch_09.ep5.el6", "product_name": "Red Hat JBoss Enterprise Web Server 1 for RHEL 6", "release_date": "2013-05-28T00:00:00Z"}, {"advisory": "RHSA-2013:0872", "cpe": "cpe:/a:redhat:jboss_enterprise_web_server:1::el6", "package": "tomcat6-0:6.0.32-35_patch_09.ep5.el6", "product_name": "Red Hat JBoss Enterprise Web Server 1 for RHEL 6", "release_date": "2013-05-28T00:00:00Z"}, {"advisory": "RHSA-2013:0871", "cpe": "cpe:/a:redhat:jboss_enterprise_web_server:2::el5", "package": "tomcat6-0:6.0.35-12_patch_07.ep6.el5", "product_name": "Red Hat JBoss Enterprise Web Server 2 for RHEL 5", "release_date": "2013-05-28T00:00:00Z"}, {"advisory": "RHSA-2013:0871", "cpe": "cpe:/a:redhat:jboss_enterprise_web_server:2::el5", "package": "tomcat7-0:7.0.30-5_patch_03.ep6.el5", "product_name": "Red Hat JBoss Enterprise Web Server 2 for RHEL 5", "release_date": "2013-05-28T00:00:00Z"}, {"advisory": "RHSA-2013:0871", "cpe": "cpe:/a:redhat:jboss_enterprise_web_server:2::el6", "package": "tomcat6-0:6.0.35-33_patch_07.ep6.el6", "product_name": "Red Hat JBoss Enterprise Web Server 2 for RHEL 6", "release_date": "2013-05-28T00:00:00Z"}, {"advisory": "RHSA-2013:0871", "cpe": "cpe:/a:redhat:jboss_enterprise_web_server:2::el6", "package": "tomcat7-0:7.0.30-7_patch_03.ep6.el6", "product_name": "Red Hat JBoss Enterprise Web Server 2 for RHEL 6", "release_date": "2013-05-28T00:00:00Z"}], "bugzilla": {"description": "tomcat: Improper TOMCAT_LOG management in init script (DoS, ACE)", "id": "927622", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=927622"}, "csaw": false, "cvss": {"cvss_base_score": "6.9", "cvss_scoring_vector": "AV:L/AC:M/Au:N/C:C/I:C/A:C", "status": "verified"}, "details": ["The (1) tomcat5, (2) tomcat6, and (3) tomcat7 init scripts, as used in the RPM distribution of Tomcat for JBoss Enterprise Web Server 1.0.2 and 2.0.0, and Red Hat Enterprise Linux 5 and 6, allow local users to change the ownership of arbitrary files via a symlink attack on (a) tomcat5-initd.log, (b) tomcat6-initd.log, (c) catalina.out, or (d) tomcat7-initd.log."], "name": "CVE-2013-1976", "package_state": [{"cpe": "cpe:/a:redhat:jboss_enterprise_web_server:1", "fix_state": "Not affected", "package_name": "others", "product_name": "Red Hat JBoss Enterprise Web Server 1"}], "public_date": "2013-05-28T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2013-1976\nhttps://nvd.nist.gov/vuln/detail/CVE-2013-1976"], "statement": "This flaw pertains to the init scripts provided by the RPM distribution of tomcat in various Red Hat products. ZIP distributions do not include init scripts, and are not affected by this flaw.", "threat_severity": "Important"}