drucken bookmarks versenden konfigurieren admin pdf Sicherheit: Ausführen von Code mit höheren Privilegien in tomcat8
Name: |
Ausführen von Code mit höheren Privilegien in tomcat8 |
|
ID: |
DSA-3670-1 |
|
Distribution: |
Debian |
|
Plattformen: |
Debian jessie |
|
Datum: |
Do, 15. September 2016, 23:52 |
|
Referenzen: |
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1240 |
|
Applikationen: |
Apache Tomcat |
|
Originalnachricht |
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
- ------------------------------------------------------------------------- Debian Security Advisory DSA-3670-1 security@debian.org https://www.debian.org/security/ Moritz Muehlenhoff September 15, 2016 https://www.debian.org/security/faq - -------------------------------------------------------------------------
Package : tomcat8 CVE ID : CVE-2016-1240
Dawid Golunski of LegalHackers discovered that the Tomcat init script performed unsafe file handling, which could result in local privilege escalation.
For the stable distribution (jessie), this problem has been fixed in version 8.0.14-1+deb8u3.
For the unstable distribution (sid), this problem will be fixed soon.
We recommend that you upgrade your tomcat8 packages.
Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/
Mailing list: debian-security-announce@lists.debian.org -----BEGIN PGP SIGNATURE----- Version: GnuPG v1
iQIcBAEBAgAGBQJX2tmhAAoJEBDCk7bDfE42U14QAJJOSC4b8vtDESjIjSWxODg5 H8CI7SkATzcDlIfPTNCxX4Gn9iAWS8uxjJP7FaUjpsBmzkB1omdzmr6SgCw9mlM0 b0sZXRGRbKDRnXzN0IwTuKI/tuV1s7c5KWfjhGTAJ1SL7foKlwaKXXQemeztouiv yRmczPp9NlqrifyXGNIqsF47QNbGiJIM5S+N99/u1YHMO1akm4i2f5cKtfIXokU4 7tpY8UoxAqmWJ4u1p9PxmtA71vuP8gsXoN836iM/OtrY9IZlpArzF6qANhOtj85o ynd7MiPURLutw6Xmp6ZGOpx6or8g4prmjLubsg1tekoQsFI2BJy93oxNj+Wyo7dp 4CG3XF9aM4QAv7JkuRY6vQIeOcN04h48/MPgY2VR8gykh1v+IFj2+dxTBRVeMcm8 Tu5NLwi83iHaqxxM4h49baQiCwnSimTSd9Bbji060jybWQbtSGoY0zW970z7+uP7 reUu50rI8Hl/Ie8pB13S6kzmvIrGUQpCbIjv01LMO014rYMKfQtCfD/j/8gKikrq 6ofo42Xb7D0MfiUn1xy9yAl+wwcer1yaG1MbUCerhWWRMkr0w17etkiCZcSiskeB LuZ5a+bExkpnMr8RhErnSHTOEqvW+8djQEkN2fXEUv5pUHww55I+tcf8QfqCV6a4 BPq31eJnhbkhvROQIv8E =Fhnw -----END PGP SIGNATURE-----
|
|
|
|