CVE-2016-1240 - Tomcat packaging on Debian-based distros - Local Root Privilege Escalation

2016-10-26 Thread Dawid Golunski
I added a simple PoC video for the CVE-2016-1240 vulnerability. In the PoC I used Ubuntu 16.04 with the latest tomcat7 package (version: 7.0.68-ubuntu-0.1) installed from the default Ubuntu repos, which appears vulnerable still. The video PoC can be found at: http://legalhackers.com/videos/Apache

[SECURITY] [DSA 3700-1] asterisk security update

2016-10-26 Thread Moritz Muehlenhoff
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 - - Debian Security Advisory DSA-3700-1 secur...@debian.org https://www.debian.org/security/ Moritz Muehlenhoff October 25, 2016

[SECURITY] [DSA 3701-1] nginx security update

2016-10-26 Thread Florian Weimer
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 - - Debian Security Advisory DSA-3701-1 secur...@debian.org https://www.debian.org/security/ Florian Weimer October 25, 2016

FreeBSD Security Advisory FreeBSD-SA-16:15.sysarch [REVISED]

2016-10-26 Thread FreeBSD Security Advisories
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 = FreeBSD-SA-16:15.sysarch [REVISED] Security Advisory The FreeBSD Project Topic: