| Title | Published | Views | Reporter |
|---|---|---|---|
| CVE-2010-0424 | 25 Feb 2010 19:00 | – | cve |
| CVE-2010-0424 | 25 Feb 2010 19:00 | – | cvelist |
| CVE-2010-0424 | 25 Feb 2010 19:00 | – | debiancve |
| vixie-cron security, bug fix, and enhancement update | 1 Mar 2012 00:00 | – | oraclelinux |
| EUVD-2010-0455 | 7 Oct 2025 00:30 | – | euvd |
| [SECURITY] Fedora 11 Update: cronie-1.3-4.fc11 | 16 Mar 2010 00:42 | – | fedora |
| [SECURITY] Fedora 12 Update: cronie-1.4.3-4.fc12 | 24 Feb 2010 06:12 | – | fedora |
| [SECURITY] Fedora 13 Update: cronie-1.4.4-1.fc13 | 5 Mar 2010 03:33 | – | fedora |
| Fedora 12 : cronie-1.4.3-4.fc12 (2010-2751) | 1 Jul 2010 00:00 | – | nessus |
| Fedora 13 : cronie-1.4.4-1.fc13 (2010-3642) | 1 Jul 2010 00:00 | – | nessus |
```nasl
#%NASL_MIN_LEVEL 80900
##
# (C) Tenable, Inc.
#
# The package checks in this plugin were extracted from
# Miracle Linux Security Advisory AXSA:2012-254:01.
##
include('deprecated_nasl_level.inc');
include('compat.inc');
if (description)
{
  script_id(283925);
  script_version("1.1");
  script_set_attribute(attribute:"plugin_modification_date", value:"2026/01/14");
  script_cve_id("CVE-2010-0424");
  script_name(english:"MiracleLinux 3 : vixie-cron-4.1-81.AXS3 (AXSA:2012-254:01)");
  script_set_attribute(attribute:"synopsis", value:
"The remote MiracleLinux host is missing a security update.");
  script_set_attribute(attribute:"description", value:
"The remote MiracleLinux 3 host has a package installed that is affected by a vulnerability as referenced in the
AXSA:2012-254:01 advisory.
The vixie-cron package contains the Vixie version of cron. Cron is a standard UNIX daemon that runs
specified programs at scheduled times. Vixie cron adds better security and more powerful configuration
options to the standard version of cron.
Security issues fixed with this release:
CVE-2010-0424
The edit_cmd function in crontab.c in (1) cronie before 1.4.4 and (2) Vixie cron (vixie-cron) allows local
users to change the modification times of arbitrary files, and consequently cause a denial of service, via
a symlink attack on a temporary file in the /tmp directory.
Fixed bugs:
A temporary NSS lookup failure often prevented the execution of cron jobs from users with home
directories mounted on a LDAP server or NFS because such jobs would then be marked as orphaned. This
update introduces the creation of an orphans database and cron jobs are performed as expected.
Previously, cron did not log any errors if a cron job file located in the /etc/cron.d/ directory
contained invalid entries. This has been fixed and invalid entries in the cron job files now produce
warning messages.
Previously, the @reboot crontab macro incorrectly ran jobs when the crond daemon was restarted. When used
on several machines, all entries with the @reboot option were executed every time the crond daemon was
restarted. This has been fixed and jobs are executed only when the machine is rebooted.
crontab is now compiled as a position-independent executable (PIE), which enhances the security of the
system.
If the parent crond daemon was stopped but a child daemon was still running, the service crond status
command incorrectly reported that crond was running. This has been fixed and the service crond status
command now correctly reports that crond is stopped.
This update includes a corrected /etc/pam.d/crond file that exports environment variables correctly.
Setting pam variables via cron now works as documented in the pam(8) manual page.
Previously, if the crond daemon attempted to use the label modified by mcstrand and mcstransd was not
running, crond used an incorrect label. Consequently, Security-Enhanced Linux (SELinux) denials filled up
the cron log, no jobs were executed, and crond had to be restarted. This has been fixed by making
mcstransd and crond use raw SELinux labels.
Fixed many typos in the crontab(1) and cron(8) manual pages.
Enhancement:
The crontab utility now uses Pluggable Authentication Module for user verification: it prevents users
from accessing crontab, which was previously possible even if their access had been restricted. Crontab
now returns an error message informing them that the PAM configuration prevents them from doing so.
Tenable has extracted the preceding description block directly from the MiracleLinux security advisory.
Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version
number.");
  script_set_attribute(attribute:"see_also", value:"https://tsn.miraclelinux.com/en/node/2746");
  script_set_attribute(attribute:"solution", value:
"Update the affected vixie-cron package.");
  script_set_cvss_base_vector("CVSS2#AV:L/AC:M/Au:N/C:N/I:P/A:P");
  script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
  script_set_cvss3_base_vector("CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H");
  script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
  script_set_attribute(attribute:"cvss_score_source", value:"CVE-2010-0424");
  script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"false");
  script_set_attribute(attribute:"vendor_severity", value:"High");
  script_set_attribute(attribute:"vuln_publication_date", value:"2010/02/24");
  script_set_attribute(attribute:"patch_publication_date", value:"2012/03/07");
  script_set_attribute(attribute:"plugin_publication_date", value:"2026/01/14");
  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:miracle:linux:vixie-cron");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:miracle:linux:3");
  script_set_attribute(attribute:"generated_plugin", value:"current");
  script_end_attributes();
  script_category(ACT_GATHER_INFO);
  script_family(english:"Miracle Linux Local Security Checks");
  script_copyright(english:"This script is Copyright (C) 2026 and is owned by Tenable, Inc. or an Affiliate thereof.");
  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/MiracleLinux/release", "Host/MiracleLinux/rpm-list", "Host/cpu");
  exit(0);
}
include('rpm2.inc');
if (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
var os_product = get_kb_item('installed_os/local/SSH/0/product');
if (isnull(os_product) || 'MIRACLE LINUX' >!< os_product) audit(AUDIT_OS_NOT, 'MIRACLE LINUX');
var os_version = get_kb_item('installed_os/local/SSH/0/version');
if (isnull(os_version)) audit(AUDIT_UNKNOWN_APP_VER, 'MIRACLE LINUX');
if (! preg(pattern:"^3([^0-9]|$)", string:os_version)) audit(AUDIT_OS_NOT, 'MiracleLinux 3.x', 'MIRACLE LINUX ' + os_version);
if (!get_kb_item('Host/MiracleLinux/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);
var cpu = get_kb_item('Host/cpu');
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ('aarch64' >!< cpu && 'ppc' >!< cpu && 's390' >!< cpu && 'x86_64' >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'MIRACLE LINUX', cpu);
var constraints = [
  {
    'release': '3',
    'pkgs': [
      {'reference':'vixie-cron-4.1-81.AXS3', 'cpu':'x86_64', 'rpm_spec_vers_cmp':TRUE, 'epoch':'0'}
    ]
  }
];
var os_release = get_one_kb_item('installed_os/local/SSH/0/release');
var os_sp = get_one_kb_item('Host/*/minor_release');
var flag = 0;
var reference;
var sp;
var _cpu;
var el_string;
var rpm_spec_vers_cmp;
var epoch;
var allowmaj;
var exists_check;
var cves;
foreach var constraint ( constraints ) {
  # Check that the target release is equal to the affected release
  if (!empty_or_null(constraint['release'])){
    if (constraint['release'] != os_release) continue;
  }
  if (!empty_or_null(constraint['sp'])){
    if (constraint['sp'] != os_sp) continue;
  }
  foreach var pkg ( constraint['pkgs'] ) {
    reference = NULL;
    sp = NULL;
    _cpu = NULL;
    el_string = NULL;
    rpm_spec_vers_cmp = NULL;
    epoch = NULL;
    allowmaj = NULL;
    exists_check = NULL;
    cves = NULL;
    if (!empty_or_null(pkg['reference'])) reference = pkg['reference'];
    if (!empty_or_null(pkg['sp'])) sp = pkg['sp'];
    if (!empty_or_null(pkg['cpu'])) _cpu = pkg['cpu'];
    if (!empty_or_null(pkg['el_string'])) el_string = pkg['el_string'];
    if (!empty_or_null(pkg['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = pkg['rpm_spec_vers_cmp'];
    if (!empty_or_null(pkg['epoch'])) epoch = pkg['epoch'];
    if (!empty_or_null(pkg['allowmaj'])) allowmaj = pkg['allowmaj'];
    if (!empty_or_null(pkg['exists_check'])) exists_check = pkg['exists_check'];
    if (!empty_or_null(pkg['cves'])) cves = pkg['cves'];
    if (reference &&
        ## (no known rpm to check OR known rpm_exists)
        (!exists_check || rpm_exists(rpm:exists_check)) &&
        rpm_check(sp:sp, cpu:_cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj, cves:cves)) flag++;
  }
}
if (flag)
{
  security_report_v4(
    port : 0,
    severity : SECURITY_NOTE,
    extra : rpm_report_get()
  );
  exit(0);
}
else
{
  var tested = pkg_tests_get();
  if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
  else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'vixie-cron');
}
```
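The plugin above reports a host when its installed vixie-cron sorts below the reference `vixie-cron-4.1-81.AXS3`. The following is an added example, not Tenable's code and not a description of how `rpm_check` is implemented: it applies RPM's segment-wise version ordering to show why a plain string comparison would misjudge releases such as `9` versus `81`. It assumes equal epochs and omits `~`/`^` handling; the installed package strings are constructed samples.

```python
import re

# Reference name-version-release from the plugin's constraints; epochs assumed equal.
FIXED = "vixie-cron-4.1-81.AXS3"
_SEGMENT = re.compile(r"\d+|[A-Za-z]+")   # maximal runs of digits or letters

def rpmvercmp(a, b):
    """Compare two version or release strings segment by segment, RPM style.
    Returns -1, 0 or 1. Simplification: '~' and '^' are not handled."""
    sa, sb = _SEGMENT.findall(a), _SEGMENT.findall(b)
    for x, y in zip(sa, sb):
        if x.isdigit() != y.isdigit():
            return 1 if x.isdigit() else -1   # a numeric segment sorts newer
        if x.isdigit():
            x, y = x.lstrip("0"), y.lstrip("0")
            if len(x) != len(y):              # more digits means a larger number
                return 1 if len(x) > len(y) else -1
        if x != y:
            return 1 if x > y else -1
    # All shared segments equal: the string with segments left over is newer.
    return (len(sa) > len(sb)) - (len(sa) < len(sb))

def split_nvr(nvr):
    """Split 'name-version-release'; the name itself may contain hyphens."""
    name, version, release = nvr.rsplit("-", 2)
    return name, version, release

def is_older(installed, fixed=FIXED):
    """True when the installed package sorts below the fixed reference."""
    name, ver, rel = split_nvr(installed)
    f_name, f_ver, f_rel = split_nvr(fixed)
    if name != f_name:
        raise ValueError("different package: %s vs %s" % (name, f_name))
    return (rpmvercmp(ver, f_ver) or rpmvercmp(rel, f_rel)) < 0

# Constructed sample inventory (not taken from any real host).
SAMPLE_INSTALLED = [
    "vixie-cron-4.1-77.AXS3",    # older release
    "vixie-cron-4.1-9.AXS3",     # older: 9 < 81 numerically, though "9" > "81" as text
    "vixie-cron-4.1-81.AXS3",    # exactly the fixed build
    "vixie-cron-4.1-81.AXS3.1",  # extra trailing segment sorts newer
]

def needs_update(pkgs=SAMPLE_INSTALLED):
    return [p for p in pkgs if is_older(p)]

if __name__ == "__main__":
    for p in SAMPLE_INSTALLED:
        print(p, "-> update needed" if is_older(p) else "-> ok")
```
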