New Search

HP-UX Apache Running Tomcat Servlet Engine Remote Denial of Service (DoS) Access Restriction Bypass Unauthorized Modification and Other Vulnerabilities

oval:org.mitre.oval:def:19450

native/unix/native/jsvc-unix.c in jsvc in the Daemon component 1.0.3 through 1.0.6 in Apache Commons as used in Apache Tomcat 5.5.32 through 5.5.33 6.0.30 through 6.0.32 and 7.0.x before 7.0.20 on Linux does not drop capabilities which allows remote attackers to bypass read permissions for files via a request to an application.

Family:
unix
Status:
ACCEPTED
Platform(s):
  • HP-UX 11
Class:
vulnerability
Reference(s):
  • CVE-2011-2729
Product(s):