Vulnerability Details : CVE-2011-2729
native/unix/native/jsvc-unix.c in jsvc in the Daemon component 1.0.3 through 1.0.6 in Apache Commons, as used in Apache Tomcat 5.5.32 through 5.5.33, 6.0.30 through 6.0.32, and 7.0.x before 7.0.20 on Linux, does not drop capabilities, which allows remote attackers to bypass read permissions for files via a request to an application.
Products affected by CVE-2011-2729
- cpe:2.3:a:apache:tomcat:7.0.0:beta:*:*:*:*:*:*When used together with: Linux » Linux Kernel
- cpe:2.3:a:apache:tomcat:7.0.0:*:*:*:*:*:*:*When used together with: Linux » Linux Kernel
- cpe:2.3:a:apache:tomcat:7.0.1:*:*:*:*:*:*:*When used together with: Linux » Linux Kernel
- cpe:2.3:a:apache:tomcat:7.0.2:*:*:*:*:*:*:*When used together with: Linux » Linux Kernel
- cpe:2.3:a:apache:tomcat:7.0.3:*:*:*:*:*:*:*When used together with: Linux » Linux Kernel
- cpe:2.3:a:apache:tomcat:5.5.32:*:*:*:*:*:*:*When used together with: Linux » Linux Kernel
- cpe:2.3:a:apache:tomcat:7.0.4:*:*:*:*:*:*:*When used together with: Linux » Linux Kernel
- cpe:2.3:a:apache:tomcat:7.0.5:*:*:*:*:*:*:*When used together with: Linux » Linux Kernel
- cpe:2.3:a:apache:tomcat:7.0.6:*:*:*:*:*:*:*When used together with: Linux » Linux Kernel
- cpe:2.3:a:apache:tomcat:6.0.30:*:*:*:*:*:*:*When used together with: Linux » Linux Kernel
- cpe:2.3:a:apache:tomcat:7.0.7:*:*:*:*:*:*:*When used together with: Linux » Linux Kernel
- cpe:2.3:a:apache:tomcat:7.0.8:*:*:*:*:*:*:*When used together with: Linux » Linux Kernel
- cpe:2.3:a:apache:tomcat:7.0.9:*:*:*:*:*:*:*When used together with: Linux » Linux Kernel
- cpe:2.3:a:apache:tomcat:7.0.11:*:*:*:*:*:*:*When used together with: Linux » Linux Kernel
- cpe:2.3:a:apache:tomcat:5.5.33:*:*:*:*:*:*:*When used together with: Linux » Linux Kernel
- cpe:2.3:a:apache:tomcat:6.0.32:*:*:*:*:*:*:*When used together with: Linux » Linux Kernel
- cpe:2.3:a:apache:tomcat:6.0.31:*:*:*:*:*:*:*When used together with: Linux » Linux Kernel
- cpe:2.3:a:apache:tomcat:7.0.10:*:*:*:*:*:*:*When used together with: Linux » Linux Kernel
- cpe:2.3:a:apache:tomcat:7.0.13:*:*:*:*:*:*:*When used together with: Linux » Linux Kernel
- cpe:2.3:a:apache:tomcat:7.0.12:*:*:*:*:*:*:*When used together with: Linux » Linux Kernel
- cpe:2.3:a:apache:tomcat:7.0.14:*:*:*:*:*:*:*When used together with: Linux » Linux Kernel
- cpe:2.3:a:apache:tomcat:7.0.17:*:*:*:*:*:*:*When used together with: Linux » Linux Kernel
- cpe:2.3:a:apache:tomcat:7.0.19:*:*:*:*:*:*:*When used together with: Linux » Linux Kernel
- cpe:2.3:a:apache:tomcat:7.0.16:*:*:*:*:*:*:*When used together with: Linux » Linux Kernel
- cpe:2.3:a:apache:apache_commons_daemon:1.0.3:*:*:*:*:*:*:*When used together with: Linux » Linux Kernel
- cpe:2.3:a:apache:apache_commons_daemon:1.0.4:*:*:*:*:*:*:*When used together with: Linux » Linux Kernel
- cpe:2.3:a:apache:apache_commons_daemon:1.0.5:*:*:*:*:*:*:*When used together with: Linux » Linux Kernel
- cpe:2.3:a:apache:apache_commons_daemon:1.0.6:*:*:*:*:*:*:*When used together with: Linux » Linux Kernel
Exploit prediction scoring system (EPSS) score for CVE-2011-2729
8.78%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 92 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2011-2729
| Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
|---|---|---|---|---|---|---|
|
5.0
|
MEDIUM | AV:N/AC:L/Au:N/C:P/I:N/A:N |
10.0
|
2.9
|
NIST |
CWE ids for CVE-2011-2729
-
Assigned by: nvd@nist.gov (Primary)
References for CVE-2011-2729
-
http://lists.opensuse.org/opensuse-security-announce/2011-09/msg00024.html
[security-announce] openSUSE-SU-2011:1062-1: important: jakarta-commons-
-
http://marc.info/?l=bugtraq&m=133469267822771&w=2
'[security bulletin] HPSBOV02762 SSRT100825 rev.1 - HP Secure Web Server (SWS) for OpenVMS running CS' - MARC
-
http://tomcat.apache.org/security-5.html
Apache Tomcat® - Apache Tomcat 5 vulnerabilitiesVendor Advisory
-
http://www.securityfocus.com/bid/49143
Apache Commons Daemon 'jsvc' Information Disclosure Vulnerability
-
http://marc.info/?l=bugtraq&m=139344343412337&w=2
'[security bulletin] HPSBST02955 rev.1 - HP XP P9000 Performance Advisor Software, 3rd party Software' - MARC
-
http://marc.info/?l=bugtraq&m=132215163318824&w=2
'[security bulletin] HPSBUX02725 SSRT100627 rev.1 - HP-UX Apache Running Tomcat Servlet Engine, Remot' - MARC
-
http://marc.info/?l=bugtraq&m=136485229118404&w=2
'[security bulletin] HPSBUX02860 SSRT101146 rev.1 - HP-UX Apache Running Tomcat Servlet Engine, Remot' - MARC
-
https://lists.apache.org/thread.html/06cfb634bc7bf37af7d8f760f118018746ad8efbd519c4b789ac9c2e%40%3Cdev.tomcat.apache.org%3E
svn commit: r1855831 [22/30] - in /tomcat/site/trunk: ./ docs/ xdocs/-Apache Mail Archives
-
http://tomcat.apache.org/security-6.html
Apache Tomcat® - Apache Tomcat 6 vulnerabilitiesVendor Advisory
-
https://lists.apache.org/thread.html/r3aacc40356defc3f248aa504b1e48e819dd0471a0a83349080c6bcbf%40%3Cdev.tomcat.apache.org%3E
svn commit: r1873980 [25/34] - /tomcat/site/trunk/docs/-Apache Mail Archives
-
http://tomcat.apache.org/security-7.html
Apache Tomcat® - Apache Tomcat 7 vulnerabilitiesVendor Advisory
-
http://www.securityfocus.com/archive/1/519263/100/0/threaded
SecurityFocus
-
http://people.apache.org/~markt/patches/2011-08-12-cve2011-2729-tc5.patch
404 Not Found
-
https://lists.apache.org/thread.html/r584a714f141eff7b1c358d4679288177bd4ca4558e9999d15867d4b5%40%3Cdev.tomcat.apache.org%3E
svn commit: r1873527 [22/30] - /tomcat/site/trunk/docs/-Apache Mail Archives
-
https://bugzilla.redhat.com/show_bug.cgi?id=730400
730400 – (CVE-2011-2729) CVE-2011-2729 jakarta-commons-daemon: jsvc does not drop capabilities allowing access to files and directories owned by the superuser
-
http://www.redhat.com/support/errata/RHSA-2011-1291.html
Support
-
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19450
Repository / Oval Repository
-
http://secunia.com/advisories/57126
Sign in
-
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14743
Repository / Oval Repository
-
http://svn.apache.org/viewvc?view=revision&revision=1153379
[Apache-SVN] Revision 1153379
-
http://www.redhat.com/support/errata/RHSA-2011-1292.html
Support
-
http://svn.apache.org/viewvc?view=revision&revision=1153824
[Apache-SVN] Revision 1153824
-
http://mail-archives.apache.org/mod_mbox/tomcat-announce/201108.mbox/%3C4E45221D.1020306%40apache.org%3E
[SECURITY] CVE-2011-2729: Commons Daemon fails to drop capabilities (Apache Tomcat)-Apache Mail Archives
-
http://svn.apache.org/viewvc?view=revision&revision=1152701
[Apache-SVN] Revision 1152701
-
https://lists.apache.org/thread.html/8dcaf7c3894d66cb717646ea1504ea6e300021c85bb4e677dc16b1aa%40%3Cdev.tomcat.apache.org%3E
svn commit: r1856174 [20/29] - in /tomcat/site/trunk: docs/ xdocs/ xdocs/stylesheets/-Apache Mail Archives
-
https://issues.apache.org/jira/browse/DAEMON-214
[DAEMON-214] CVE-2011-2729: jsvc fails to drop capabilities on Linux - ASF JIRA
-
http://mail-archives.apache.org/mod_mbox/commons-dev/201108.mbox/%3C4E451B2B.9090108%40apache.org%3E
[AANNOUNCE] Apache Commons Daemon 1.0.7 released-Apache Mail Archives
-
https://exchange.xforce.ibmcloud.com/vulnerabilities/69161
Apache Tomcat jsvc information disclosure CVE-2011-2729 Vulnerability Report
-
http://secunia.com/advisories/46030
Sign in
-
http://securitytracker.com/id?1025925
Apache Tomcat Commons Daemon jsvc Lets Local Users Gain Elevated Privileges - SecurityTracker
Jump to