The system could be made to run programs as an administrator.
Software Description:
- tomcat6: Servlet and JSP engine
Details:
Dawid Golunski discovered that the Tomcat init script incorrectly
handled creating log files. A remote attacker could possibly use this
issue to obtain root privileges. (CVE-2016-1240)
The problem can be corrected by updating your system to the following package versions: Ubuntu 16.04 LTS: libservlet2.5-java 6.0.45+dfsg-1ubuntu0.2 In general, a standard system update will make all the necessary changes.
https://ubuntu.com/security/notices/USN-3081-2
https://ubuntu.com/security/notices/USN-3081-1
CVE-2016-1240
Get the latest Linux and open source security news straight to your inbox.