Vulnerability Database

289,599

Total vulnerabilities in the database

CVE-2004-1452

Tomcat before 5.0.27-r3 in Gentoo Linux sets the default permissions on the init scripts as tomcat:tomcat, but executes the scripts with root privileges, which could allow local users in the tomcat group to execute arbitrary commands as root by modifying the scripts.

  • Published: Dec 31, 2004
  • Updated: Apr 13, 2023
  • CVE: CVE-2004-1452
  • Severity: High
  • Exploit:

CVSS v2:

  • Severity: High
  • Score: 7.2
  • AV:L/AC:L/Au:N/C:C/I:C/A:C

No CWE or OWASP classifications available.

Software From Fixed in
gentoo / linux 1.4-rc1 1.4-rc1.x
gentoo / linux 1.4-rc3 1.4-rc3.x
gentoo / linux 0.5 0.5.x
gentoo / linux 1.1a 1.1a.x
gentoo / linux 1.4 1.4.x
gentoo / linux 0.7 0.7.x
gentoo / linux 1.2 1.2.x
gentoo / linux 1.4-rc2 1.4-rc2.x