Apache Tomcat Permissions Privileges and Access Controls Vulnerability - CVE-2011-2729

native/unix/native/jsvc-unix.c in jsvc in the Daemon component 1.0.3 through 1.0.6 in Apache Commons as used in Apache Tomcat 5.5.32 through 5.5.33 6.0.30 through 6.0.32 and 7.0.x before 7.0.20 on Linux does not drop capabilities which allows remote attackers to bypass read permissions for files via a request to an application.