CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2004-1452

Tomcat before 5.0.27-r3 in Gentoo Linux sets the default permissions on the init scripts as tomcat:tomcat, but executes the scripts with root privileges, which could allow local users in the tomcat group to execute arbitrary commands as root by modifying the scripts.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.0

EPSS Ranking 14.4%

CVSS Severity

CVSS v2 Score 7.2

References

http://secunia.com/advisories/12296/
http://www.gentoo.org/security/en/glsa/glsa-200408-15.xml
http://www.securityfocus.com/bid/10951
https://exchange.xforce.ibmcloud.com/vulnerabilities/16993
http://secunia.com/advisories/12296/
http://www.gentoo.org/security/en/glsa/glsa-200408-15.xml
http://www.securityfocus.com/bid/10951
https://exchange.xforce.ibmcloud.com/vulnerabilities/16993

Products affected by CVE-2004-1452

Gentoo » Linux » Version: 0.5

cpe:2.3:o:gentoo:linux:0.5
Gentoo » Linux » Version: 0.7

cpe:2.3:o:gentoo:linux:0.7
Gentoo » Linux » Version: 1.1a

cpe:2.3:o:gentoo:linux:1.1a
Gentoo » Linux » Version: 1.2

cpe:2.3:o:gentoo:linux:1.2
Gentoo » Linux » Version: 1.4

cpe:2.3:o:gentoo:linux:1.4

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2004-1452

Products

Pricing

Contact Us