Lucene search
Debian Security Bug TrackerDEBIANCVE:CVE-2006-2607HistoryMay 25, 2006 - 8:02 p.m.
CVE-2006-2607
2006-05-2520:02:00
Debian Security Bug Tracker
security-tracker.debian.org
9
7.2 High
CVSS2
Access Vector
LOCAL
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:L/Au:N/C:C/I:C/A:C
0.001 Low
EPSS
Percentile
47.9%
do_command.c in Vixie cron (vixie-cron) 4.1 does not check the return code of a setuid call, which might allow local users to gain root privileges if setuid fails in cases such as PAM failures or resource limits, as originally demonstrated by a program that exceeds the process limits as defined in /etc/security/limits.conf.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Debian | 12 | all | cron | < 3.0pl1-64 | cron_3.0pl1-64_all.deb |
| Debian | 11 | all | cron | < 3.0pl1-64 | cron_3.0pl1-64_all.deb |
| Debian | 10 | all | cron | < 3.0pl1-64 | cron_3.0pl1-64_all.deb |
| Debian | 999 | all | cron | < 3.0pl1-64 | cron_3.0pl1-64_all.deb |
| Debian | 13 | all | cron | < 3.0pl1-64 | cron_3.0pl1-64_all.deb |
Related
nessus
nessus
GLSA-200606-07 : Vixie Cron: Privilege Escalation
2006-06-11 00:00:00
Ubuntu 6.06 LTS / 8.04 LTS / 8.10 / 9.04 : cron vulnerability (USN-778-1)
2009-06-02 00:00:00
SUSE-SA:2006:027: cron
2006-06-01 00:00:00
centos
centos
vixie security update
2006-07-12 18:56:16
gentoo
gentoo
Vixie Cron: Privilege Escalation
2006-06-09 00:00:00
suse
suse
local privilege escalation in cron
2006-05-31 13:32:34
ubuntucve
ubuntucve
CVE-2006-2607
2006-05-25 00:00:00
cve
cve
CVE-2006-2607
2006-05-25 20:02:00
myhack58
myhack58
redhat
redhat
(RHSA-2006:0539) vixie-cron security update
2006-07-12 00:00:00
openvas
openvas
Gentoo Security Advisory GLSA 200606-07 (vixie-cron)
2008-09-24 00:00:00
Ubuntu: Security Advisory (USN-778-1)
2009-06-05 00:00:00
Gentoo Security Advisory GLSA 200606-07 (vixie-cron)
2008-09-24 00:00:00
prion
prion
Deserialization of untrusted data
2006-05-25 20:02:00
ubuntu
ubuntu
cron vulnerability
2009-06-01 00:00:00
7.2 High
CVSS2
Access Vector
LOCAL
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:L/Au:N/C:C/I:C/A:C
0.001 Low
EPSS
Percentile
47.9%
Related for DEBIANCVE:CVE-2006-2607