What is the severity of CVE-2004-1452?

CVE-2004-1452 is considered a high severity vulnerability due to the potential for local users to gain root access.

How do I fix CVE-2004-1452?

To fix CVE-2004-1452, change the permissions on Tomcat init scripts to restrict access to the tomcat group only.

Who is affected by CVE-2004-1452?

CVE-2004-1452 affects users of Gentoo Linux versions including 1.4, 1.4-rc1, and others listed in the vulnerability details.

What types of attacks are possible due to CVE-2004-1452?

Possible attacks include local privilege escalation, allowing an attacker to execute arbitrary commands with root privileges.

Is CVE-2004-1452 still a relevant threat today?

While CVE-2004-1452 is an older vulnerability, systems using affected versions of Gentoo Linux remain at risk if not patched.

Vulnerability/
CVE-2004-1452

high

7.2

CWE

NVD-CWE-Other

31/12/2004

13/2/2005

8/8/2024

CVE-2004-1452

First published: Fri Dec 31 2004(Updated: )

Tomcat before 5.0.27-r3 in Gentoo Linux sets the default permissions on the init scripts as tomcat:tomcat, but executes the scripts with root privileges, which could allow local users in the tomcat group to execute arbitrary commands as root by modifying the scripts.

Credit: cve@mitre.org

Affected Software	Affected Version	How to fix
Gentoo Linux	=1.4-rc1
Gentoo Linux	=1.4-rc3
Gentoo Linux	=0.5
Gentoo Linux	=1.1a
Gentoo Linux	=1.4
Gentoo Linux	=0.7
Gentoo Linux	=1.2
Gentoo Linux	=1.4-rc2

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2004-1452?
CVE-2004-1452 is considered a high severity vulnerability due to the potential for local users to gain root access.
How do I fix CVE-2004-1452?
To fix CVE-2004-1452, change the permissions on Tomcat init scripts to restrict access to the tomcat group only.
Who is affected by CVE-2004-1452?
CVE-2004-1452 affects users of Gentoo Linux versions including 1.4, 1.4-rc1, and others listed in the vulnerability details.
What types of attacks are possible due to CVE-2004-1452?
Possible attacks include local privilege escalation, allowing an attacker to execute arbitrary commands with root privileges.
Is CVE-2004-1452 still a relevant threat today?
While CVE-2004-1452 is an older vulnerability, systems using affected versions of Gentoo Linux remain at risk if not patched.

collector/nvd-historical
collector/nvd-index
agent/references
agent/type
agent/first-publish-date
agent/softwarecombine
collector/mitre-cve
source/MITRE
agent/author
agent/weakness
agent/remedy
agent/last-modified-date
agent/severity
agent/tags
agent/description
agent/event
agent/source
vendor/gentoo
canonical/gentoo linux
version/gentoo linux/1.4-rc1
version/gentoo linux/1.4-rc3
version/gentoo linux/0.5
version/gentoo linux/1.1a
version/gentoo linux/1.4
version/gentoo linux/0.7
version/gentoo linux/1.2
version/gentoo linux/1.4-rc2

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co

By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.

CVE-2004-1452

Remedy

Remedy

Remedy

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2004-1452?

How do I fix CVE-2004-1452?

Who is affected by CVE-2004-1452?

What types of attacks are possible due to CVE-2004-1452?

Is CVE-2004-1452 still a relevant threat today?

Company

Resources

Contact