NVD Vulnerability Detail

CVE-2011-2729

Summary	native/unix/native/jsvc-unix.c in jsvc in the Daemon component 1.0.3 through 1.0.6 in Apache Commons, as used in Apache Tomcat 5.5.32 through 5.5.33, 6.0.30 through 6.0.32, and 7.0.x before 7.0.20 on Linux, does not drop capabilities, which allows remote attackers to bypass read permissions for files via a request to an application.
Publication Date	Aug. 16, 2011, 6:55 a.m.
Registration Date	Jan. 28, 2021, 4:39 p.m.
Last Update	Nov. 21, 2024, 10:28 a.m.

CVSS2.0 : MEDIUM
Score	5.0
Vector	AV:N/AC:L/Au:N/C:P/I:N/A:N
攻撃元区分(AV)	ネットワーク
攻撃条件の複雑さ(AC)	低
攻撃前の認証要否(Au)	不要
機密性への影響(C)	低
完全性への影響(I)	なし
可用性への影響(A)	なし
Get all privileges.	いいえ
Get user privileges	いいえ
Get other privileges	いいえ
User operation required	いいえ

Affected software configurations

Configuration1		or higher	or less	more than	less than
cpe:2.3:a:apache:tomcat:5.5.32:::::::*
cpe:2.3:a:apache:tomcat:5.5.33:::::::*
execution environment
1	cpe:2.3:o:linux:linux_kernel::::::::

Configuration2		or higher	or less	more than	less than
cpe:2.3:a:apache:tomcat:6.0.30:::::::*
cpe:2.3:a:apache:tomcat:6.0.31:::::::*
cpe:2.3:a:apache:tomcat:6.0.32:::::::*
execution environment
1	cpe:2.3:o:linux:linux_kernel::::::::

Configuration3		or higher	or less	more than	less than
cpe:2.3:a:apache:apache_commons_daemon:1.0.3:::::::*
cpe:2.3:a:apache:apache_commons_daemon:1.0.4:::::::*
cpe:2.3:a:apache:apache_commons_daemon:1.0.5:::::::*
cpe:2.3:a:apache:apache_commons_daemon:1.0.6:::::::*
cpe:2.3:a:apache:tomcat:7.0.0:::::::*
cpe:2.3:a:apache:tomcat:7.0.0:beta::::::
cpe:2.3:a:apache:tomcat:7.0.1:::::::*
cpe:2.3:a:apache:tomcat:7.0.2:::::::*
cpe:2.3:a:apache:tomcat:7.0.3:::::::*
cpe:2.3:a:apache:tomcat:7.0.4:::::::*
cpe:2.3:a:apache:tomcat:7.0.5:::::::*
cpe:2.3:a:apache:tomcat:7.0.6:::::::*
cpe:2.3:a:apache:tomcat:7.0.7:::::::*
cpe:2.3:a:apache:tomcat:7.0.8:::::::*
cpe:2.3:a:apache:tomcat:7.0.9:::::::*
cpe:2.3:a:apache:tomcat:7.0.10:::::::*
cpe:2.3:a:apache:tomcat:7.0.11:::::::*
cpe:2.3:a:apache:tomcat:7.0.12:::::::*
cpe:2.3:a:apache:tomcat:7.0.13:::::::*
cpe:2.3:a:apache:tomcat:7.0.14:::::::*
cpe:2.3:a:apache:tomcat:7.0.16:::::::*
cpe:2.3:a:apache:tomcat:7.0.17:::::::*
cpe:2.3:a:apache:tomcat:7.0.19:::::::*
execution environment
1	cpe:2.3:o:linux:linux_kernel::::::::

Related information, measures and tools

No	URL	タグ
1	http://lists.opensuse.org/opensuse-security-announce/2011-09/msg00024.html
2	http://mail-archives.apache.org/mod_mbox/commons-dev/201108.mbox/%3C4E451B2B.9090108%40apache.org%3E
3	http://mail-archives.apache.org/mod_mbox/tomcat-announce/201108.mbox/%3C4E45221D.1020306%40apache.org%3E
4	http://marc.info/?l=bugtraq&m=132215163318824&w=2
5	http://marc.info/?l=bugtraq&m=132215163318824&w=2
6	http://marc.info/?l=bugtraq&m=133469267822771&w=2
7	http://marc.info/?l=bugtraq&m=133469267822771&w=2
8	http://marc.info/?l=bugtraq&m=136485229118404&w=2
9	http://marc.info/?l=bugtraq&m=136485229118404&w=2
10	http://marc.info/?l=bugtraq&m=139344343412337&w=2
11	http://people.apache.org/~markt/patches/2011-08-12-cve2011-2729-tc5.patch
12	http://secunia.com/advisories/46030
13	http://secunia.com/advisories/57126
14	http://securitytracker.com/id?1025925
15	http://svn.apache.org/viewvc?view=revision&revision=1152701
16	http://svn.apache.org/viewvc?view=revision&revision=1153379
17	http://svn.apache.org/viewvc?view=revision&revision=1153824
18	http://tomcat.apache.org/security-5.html	Vendor Advisory
19	http://tomcat.apache.org/security-6.html	Vendor Advisory
20	http://tomcat.apache.org/security-7.html	Vendor Advisory
21	http://www.redhat.com/support/errata/RHSA-2011-1291.html
22	http://www.redhat.com/support/errata/RHSA-2011-1292.html
23	http://www.securityfocus.com/archive/1/519263/100/0/threaded
24	http://www.securityfocus.com/bid/49143
25	https://bugzilla.redhat.com/show_bug.cgi?id=730400
26	https://exchange.xforce.ibmcloud.com/vulnerabilities/69161
27	https://issues.apache.org/jira/browse/DAEMON-214
28	https://lists.apache.org/thread.html/06cfb634bc7bf37af7d8f760f118018746ad8efbd519c4b789ac9c2e%40%3Cdev.tomcat.apache.org%3E
29	https://lists.apache.org/thread.html/8dcaf7c3894d66cb717646ea1504ea6e300021c85bb4e677dc16b1aa%40%3Cdev.tomcat.apache.org%3E
30	https://lists.apache.org/thread.html/r3aacc40356defc3f248aa504b1e48e819dd0471a0a83349080c6bcbf%40%3Cdev.tomcat.apache.org%3E
31	https://lists.apache.org/thread.html/r584a714f141eff7b1c358d4679288177bd4ca4558e9999d15867d4b5%40%3Cdev.tomcat.apache.org%3E
32	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14743
33	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19450
34	http://lists.opensuse.org/opensuse-security-announce/2011-09/msg00024.html
35	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19450
36	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14743
37	https://lists.apache.org/thread.html/r584a714f141eff7b1c358d4679288177bd4ca4558e9999d15867d4b5%40%3Cdev.tomcat.apache.org%3E
38	https://lists.apache.org/thread.html/r3aacc40356defc3f248aa504b1e48e819dd0471a0a83349080c6bcbf%40%3Cdev.tomcat.apache.org%3E
39	https://lists.apache.org/thread.html/8dcaf7c3894d66cb717646ea1504ea6e300021c85bb4e677dc16b1aa%40%3Cdev.tomcat.apache.org%3E
40	https://lists.apache.org/thread.html/06cfb634bc7bf37af7d8f760f118018746ad8efbd519c4b789ac9c2e%40%3Cdev.tomcat.apache.org%3E
41	https://issues.apache.org/jira/browse/DAEMON-214
42	https://exchange.xforce.ibmcloud.com/vulnerabilities/69161
43	https://bugzilla.redhat.com/show_bug.cgi?id=730400
44	http://www.securityfocus.com/bid/49143
45	http://www.securityfocus.com/archive/1/519263/100/0/threaded
46	http://www.redhat.com/support/errata/RHSA-2011-1292.html
47	http://www.redhat.com/support/errata/RHSA-2011-1291.html
48	http://tomcat.apache.org/security-7.html	Vendor Advisory
49	http://tomcat.apache.org/security-6.html	Vendor Advisory
50	http://tomcat.apache.org/security-5.html	Vendor Advisory
51	http://svn.apache.org/viewvc?view=revision&revision=1153824
52	http://svn.apache.org/viewvc?view=revision&revision=1153379
53	http://svn.apache.org/viewvc?view=revision&revision=1152701
54	http://securitytracker.com/id?1025925
55	http://secunia.com/advisories/57126
56	http://secunia.com/advisories/46030
57	http://people.apache.org/~markt/patches/2011-08-12-cve2011-2729-tc5.patch
58	http://marc.info/?l=bugtraq&m=139344343412337&w=2
59	http://marc.info/?l=bugtraq&m=136485229118404&w=2
60	http://marc.info/?l=bugtraq&m=136485229118404&w=2
61	http://marc.info/?l=bugtraq&m=133469267822771&w=2
62	http://marc.info/?l=bugtraq&m=133469267822771&w=2
63	http://marc.info/?l=bugtraq&m=132215163318824&w=2
64	http://marc.info/?l=bugtraq&m=132215163318824&w=2
65	http://mail-archives.apache.org/mod_mbox/tomcat-announce/201108.mbox/%3C4E45221D.1020306%40apache.org%3E
66	http://mail-archives.apache.org/mod_mbox/commons-dev/201108.mbox/%3C4E451B2B.9090108%40apache.org%3E

Common Vulnerabilities List

No	CWE	Name	URL
1	CWE-264	認可・権限・アクセス制御	https://cwe.mitre.org/data/definitions/264.html

JVN Vulnerability Information

Apache Tomcat で使用される Apache Commons の jsvc における読み取り権限を回避される脆弱性

Title	Apache Tomcat で使用される Apache Commons の jsvc における読み取り権限を回避される脆弱性
Summary	Apache Tomcat で使用される Apache Commons の Daemon コンポーネント内にある jsvc の native/unix/native/jsvc-unix.c は、ケーパビリティコードに関する処理に不備があるため、ファイルの読み取り権限を回避される脆弱性が存在します。
Possible impacts	第三者により、アプリケーションへのリクエストを介して、ファイルの読み取り権限を回避される可能性があります。
Solution	ベンダより正式な対策が公開されています。ベンダ情報を参照して適切な対策を実施してください。
Publication Date	Aug. 3, 2011, midnight
Registration Date	Sept. 2, 2011, 2:22 p.m.
Last Update	March 5, 2015, 6:16 p.m.

Affected System

ヒューレット・パッカード

HP XP P9000 Performance Advisor ソフトウェア 5.4.1 およびそれ以前

Apache Software Foundation

Apache Tomcat 5.5.32 から 5.5.33

Apache Tomcat 6.0.30 から 6.0.32

Apache Tomcat 7.0.20 未満

CVE (情報セキュリティ共通脆弱性識別子)

No	Name	URL
Apache Commons
1	CVE-2011-2729: jsvc fails to drop capabilities on Linux	https://issues.apache.org/jira/browse/DAEMON-214
Common Vulnerabilities and Exposures (CVE)
2	CVE-2011-2729	http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2729
National Vulnerability Database (NVD)
3	CVE-2011-2729	http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-2729

CWE (共通脆弱性タイプ一覧)

No	Name	URL
JVNDB
1	CWE-264	https://jvndb.jvn.jp/ja/cwe/CWE-264.html

ベンダー情報

No	Name	URL
Apache Software Foundation
1	Fixed_in_Apache_Tomcat_5.5.34	http://tomcat.apache.org/security-5.html#Fixed_in_Apache_Tomcat_5.5.34
Apache Tomcat
2	security-5	http://tomcat.apache.org/security-5.html
3	security-6	http://tomcat.apache.org/security-6.html
4	security-7	http://tomcat.apache.org/security-7.html
Apache-SVN
5	1152701	http://svn.apache.org/viewvc?view=revision&revision=1152701
6	1153379	http://svn.apache.org/viewvc?view=revision&revision=1153379
7	1153824	http://svn.apache.org/viewvc?view=revision&revision=1153824
HP Security Bulletin
8	HPSBST02955 SSRT101157	http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c04047415
9	HPSBUX02725 SSRT100627	http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c03090723
10	HPSBUX02860 SSRT101146	http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c03716627
Red Hat Bugzilla
11	Bug 730400	https://bugzilla.redhat.com/show_bug.cgi?id=730400
Red Hat Security Advisory
12	RHSA-2011:1291	http://rhn.redhat.com/errata/RHSA-2011-1291.html
13	RHSA-2011:1292	http://rhn.redhat.com/errata/RHSA-2011-1292.html
SECURITY BLOG
14	Multiple vulnerabilities in Oracle Java Web Console	https://blogs.oracle.com/sunsecurity/entry/multiple_vulnerabilities_in_oracle_java

その他

No	Name	URL
ISS X-Force Database
1	69161	http://xforce.iss.net/xforce/xfdb/69161
OPEN SOURCE VULNERABILITY DATABASE (OSVDB)
2	74541	http://osvdb.org/74541
Secunia Advisory
3	SA45641	http://secunia.com/advisories/45641
SecurityFocus
4	49143	http://www.securityfocus.com/bid/49143
SecurityTracker
5	1025925	http://www.securitytracker.com/id/1025925

Change Log

No	Changed Details	Date of change
0	[2011年09月02日] 掲載 [2011年11月17日] ベンダ情報：Apache Software Foundation (Fixed_in_Apache_Tomcat_5.5.34) を追加 [2012年09月28日] ベンダ情報：オラクル (Multiple vulnerabilities in Oracle Java Web Console) を追加 [2015年03月05日] 影響を受けるシステム：ベンダ情報の追加に伴い内容を更新ベンダ情報：Apache Software Foundation (1152701) を追加ベンダ情報：Apache Software Foundation (CVE-2011-2729: jsvc fails to drop capabilities on Linux) を追加ベンダ情報：ヒューレット・パッカード (HPSBUX02725 SSRT100627) を追加ベンダ情報：ヒューレット・パッカード (HPSBUX02860 SSRT101146) を追加ベンダ情報：ヒューレット・パッカード (HPSBST02955 SSRT101157) を追加ベンダ情報：レッドハット (RHSA-2011:1291) を追加ベンダ情報：レッドハット (RHSA-2011:1292) を追加ベンダ情報：レッドハット (Bug 730400) を追加	Feb. 17, 2018, 10:37 a.m.

Configuration3		or higher	or less	more than	less than
cpe:2.3:a:apache:apache_commons_daemon:1.0.3:::::::*
cpe:2.3:a:apache:apache_commons_daemon:1.0.4:::::::*
cpe:2.3:a:apache:apache_commons_daemon:1.0.5:::::::*
cpe:2.3:a:apache:apache_commons_daemon:1.0.6:::::::*
cpe:2.3:a:apache:tomcat:7.0.0:::::::*
cpe:2.3:a:apache:tomcat:7.0.0:beta::::::
cpe:2.3:a:apache:tomcat:7.0.1:::::::*
cpe:2.3:a:apache:tomcat:7.0.2:::::::*
cpe:2.3:a:apache:tomcat:7.0.3:::::::*
cpe:2.3:a:apache:tomcat:7.0.4:::::::*
cpe:2.3:a:apache:tomcat:7.0.5:::::::*
cpe:2.3:a:apache:tomcat:7.0.6:::::::*
cpe:2.3:a:apache:tomcat:7.0.7:::::::*
cpe:2.3:a:apache:tomcat:7.0.8:::::::*
cpe:2.3:a:apache:tomcat:7.0.9:::::::*
cpe:2.3:a:apache:tomcat:7.0.10:::::::*
cpe:2.3:a:apache:tomcat:7.0.11:::::::*
cpe:2.3:a:apache:tomcat:7.0.12:::::::*
cpe:2.3:a:apache:tomcat:7.0.13:::::::*
cpe:2.3:a:apache:tomcat:7.0.14:::::::*
cpe:2.3:a:apache:tomcat:7.0.16:::::::*
cpe:2.3:a:apache:tomcat:7.0.17:::::::*
cpe:2.3:a:apache:tomcat:7.0.19:::::::*
execution environment
1	cpe:2.3:o:linux:linux_kernel::::::::