<em style='font-weight:bold;'>(Description Provided by <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=2011-2729" target="_blank">CVE</a>)</em> : native/unix/native/jsvc-unix.c in jsvc in the Daemon component 1.0.3 through 1.0.6 in Apache Commons, as used in Apache Tomcat 5.5.32 through 5.5.33, 6.0.30 through 6.0.32, and 7.0.x before 7.0.20 on Linux, does not drop capabilities, which allows remote attackers to bypass read permissions for files via a request to an application.

Upgrade to version 7.0.20 or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds. The fix for this issue has also been slated for inclusion in versions 5.5.34 and 6.0.33.

• Security Tracker: 1025925
• OVAL ID: 14743
• CVE ID: 2011-2729 (see also: NVD)
• Secunia Advisory ID: 45641 46030 46050 46960 47215 47379 48841 49702 50395 50745 52816
• Bugtraq ID: 49143
• ISS X-Force ID: 69161
• Vendor Specific Advisory URL: http://geronimo.apache.org/21x-security-report.html#2.1.xSecurityReport-218
  http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c03090723
  http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c03281831
  http://www.juniper.net/alerts/viewalert.jsp?actionBtn=Search&txtAlertNumber=PSN-2012-05-584&viewMode=view
  https://blogs.oracle.com/sunsecurity/entry/multiple_vulnerabilities_in_oracle_java
  https://h20566.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03716627
• Vendor Specific News/Changelog Entry: http://lists.opensuse.org/opensuse-security-announce/2011-09/msg00024.html
  http://people.apache.org/~markt/patches/2011-08-12-cve2011-2729-tc5.patch
  http://security.gentoo.org/glsa/glsa-201206-24.xml
  http://svn.apache.org/viewvc?view=revision&revision=1152701
  http://svn.apache.org/viewvc?view=revision&revision=1153824
  http://tomcat.apache.org/security-5.html
  http://tomcat.apache.org/security-6.html
  http://tomcat.apache.org/security-7.html
  http://www.ibm.com/support/docview.wss?uid=swg21609004
  http://www.ubuntu.com/usn/usn-1298-1/
  https://bugzilla.redhat.com/show_bug.cgi?id=730400
  https://issues.apache.org/jira/browse/BIGTOP-812
  https://issues.apache.org/jira/browse/DAEMON-214
• Other Advisory URL: http://mail-archives.apache.org/mod_mbox/commons-dev/201108.mbox/%[email protected]%3E
  http://mail-archives.apache.org/mod_mbox/tomcat-announce/201108.mbox/%[email protected]%3E
• Mail List Post: http://marc.info/?l=bugtraq&m=132215163318824&w=2
  http://seclists.org/bugtraq/2012/Apr/114
• Packet Storm: http://packetstormsecurity.com/files/121037/HP-Security-Bulletin-HPSBUX02860-SSRT101146.html
  http://packetstormsecurity.org/files/111920/HP-Security-Bulletin-HPSBOV02762-SSRT100825.html
• Vendor Specific Solution URL: http://svn.apache.org/viewvc?view=revision&revision=1153379
• RedHat RHSA: RHSA-2011:1291 RHSA-2011:1292

• Wilfried Weissmann