This script is Copyright (C) 2004-2014 Tenable Network Security, Inc.
The remote Gentoo host is missing one or more security-related
The remote host is affected by the vulnerability described in GLSA-200408-15
(Tomcat: Insecure installation)
The Gentoo ebuild for Tomcat sets the ownership of the Tomcat init
scripts as tomcat:tomcat, but those scripts are executed with root
privileges when the system is started. This may allow a member of the
tomcat group to run arbitrary code with root privileges when the Tomcat
init scripts are run.
This could lead to a local privilege escalation or root compromise by
Users may change the ownership of /etc/init.d/tomcat* and
/etc/conf.d/tomcat* to be root:root:
# chown -R root:root /etc/init.d/tomcat*
# chown -R root:root /etc/conf.d/tomcat*
All Tomcat users can upgrade to the latest stable version, or simply
apply the workaround:
# emerge sync
# emerge -pv '>=www-servers/tomcat-5.0.27-r3'
# emerge '>=www-servers/tomcat-5.0.27-r3'
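To confirm that the upgrade or the chown workaround took effect, the ownership and write bits of the affected files can be audited. The script below is an added example, not part of the advisory or the Nessus plugin; the function name audit_tomcat_init, its optional prefix and owner arguments, and the extra group/world-writable check are assumptions, and it relies on GNU stat.

```shell
#!/bin/sh
# Added example: audit the Tomcat init and conf files named in GLSA-200408-15.
# Files that root executes at boot must not be owned or writable by the
# tomcat user or group.
#
# audit_tomcat_init [PREFIX] [OWNER:GROUP]
#   PREFIX       filesystem root to inspect (default: the live system);
#                allows checking a mounted image or a test tree (assumption).
#   OWNER:GROUP  expected ownership (default root:root, as in the advisory).
# Prints one line per finding. Returns 0 if clean, 1 otherwise.
#
# Usage: audit_tomcat_init || echo "apply the workaround or upgrade"
audit_tomcat_init() {
    prefix=${1:-}
    want=${2:-root:root}
    bad=0
    for f in "$prefix"/etc/init.d/tomcat* "$prefix"/etc/conf.d/tomcat*; do
        # An unmatched glob stays literal; skip it (and dangling symlinks).
        [ -e "$f" ] || continue

        # GNU stat: owner:group and octal mode of the file (-L follows
        # symlinks, so the script that actually runs is the one checked).
        set -- $(stat -L -c '%U:%G %a' "$f")
        owner=$1
        mode=$2

        if [ "$owner" != "$want" ]; then
            echo "OWNER $f is $owner, expected $want"
            bad=1
        fi

        # Group- or world-writable files can still be modified by a
        # non-root account even when the owner is correct.
        if [ $(( 0$mode & 022 )) -ne 0 ]; then
            echo "MODE $f is $mode, group/world-writable"
            bad=1
        fi
    done
    return $bad
}
```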
Risk factor :
High / CVSS Base Score : 7.2
Family: Gentoo Local Security Checks
Nessus Plugin ID: 14571 (gentoo_GLSA-200408-15.nasl)
CVE ID: CVE-2004-1452