USN-3081-2: Tomcat vulnerability
27 October 2020
The system could be made to run programs as an administrator.
- tomcat6 - Servlet and JSP engine
Dawid Golunski discovered that the Tomcat init script incorrectly handled
creating log files. A remote attacker could possibly use this issue to
obtain root privileges.
- USN-3081-1: libtomcat6-java, libtomcat7-java, libtomcat8-java, tomcat8, tomcat6, tomcat7