Login
Login-Name Passwort


 
Newsletter
Werbung

Sicherheit: Ausführen von Code mit höheren Privilegien in tomcat8
Aktuelle Meldungen Distributionen
Name: Ausführen von Code mit höheren Privilegien in tomcat8
ID: DSA-3670-1
Distribution: Debian
Plattformen: Debian jessie
Datum: Do, 15. September 2016, 23:52
Referenzen: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1240

Originalnachricht

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- -------------------------------------------------------------------------
Debian Security Advisory DSA-3670-1 security@debian.org
https://www.debian.org/security/ Moritz Muehlenhoff
September 15, 2016 https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package : tomcat8
CVE ID : CVE-2016-1240

Dawid Golunski of LegalHackers discovered that the Tomcat init script
performed unsafe file handling, which could result in local privilege
escalation.

For the stable distribution (jessie), this problem has been fixed in
version 8.0.14-1+deb8u3.

For the unstable distribution (sid), this problem will be fixed soon.

We recommend that you upgrade your tomcat8 packages.

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/

Mailing list: debian-security-announce@lists.debian.org
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQIcBAEBAgAGBQJX2tmhAAoJEBDCk7bDfE42U14QAJJOSC4b8vtDESjIjSWxODg5
H8CI7SkATzcDlIfPTNCxX4Gn9iAWS8uxjJP7FaUjpsBmzkB1omdzmr6SgCw9mlM0
b0sZXRGRbKDRnXzN0IwTuKI/tuV1s7c5KWfjhGTAJ1SL7foKlwaKXXQemeztouiv
yRmczPp9NlqrifyXGNIqsF47QNbGiJIM5S+N99/u1YHMO1akm4i2f5cKtfIXokU4
7tpY8UoxAqmWJ4u1p9PxmtA71vuP8gsXoN836iM/OtrY9IZlpArzF6qANhOtj85o
ynd7MiPURLutw6Xmp6ZGOpx6or8g4prmjLubsg1tekoQsFI2BJy93oxNj+Wyo7dp
4CG3XF9aM4QAv7JkuRY6vQIeOcN04h48/MPgY2VR8gykh1v+IFj2+dxTBRVeMcm8
Tu5NLwi83iHaqxxM4h49baQiCwnSimTSd9Bbji060jybWQbtSGoY0zW970z7+uP7
reUu50rI8Hl/Ie8pB13S6kzmvIrGUQpCbIjv01LMO014rYMKfQtCfD/j/8gKikrq
6ofo42Xb7D0MfiUn1xy9yAl+wwcer1yaG1MbUCerhWWRMkr0w17etkiCZcSiskeB
LuZ5a+bExkpnMr8RhErnSHTOEqvW+8djQEkN2fXEUv5pUHww55I+tcf8QfqCV6a4
BPq31eJnhbkhvROQIv8E
=Fhnw
-----END PGP SIGNATURE-----
Pro-Linux
Pro-Linux @Facebook
Neue Nachrichten
Werbung