Lucene search

[email protected]NVD:CVE-2001-0559

HistoryAug 14, 2001 - 4:00 a.m.

CVE-2001-0559

2001-08-1404:00:00

[email protected]

web.nvd.nist.gov

7.2 High

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

6.4 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

0.4%

JSON

crontab in Vixie cron 3.0.1 and earlier does not properly drop privileges after the failed parsing of a modification operation, which could allow a local attacker to gain additional privileges when an editor is called to correct the error.

Affected configurations

NVD

Node

paul_vixievixie_cronRange≤3.0.1

References

www.debian.org/security/2001/dsa-054

www.linux-mandrake.com/en/security/2001/MDKSA-2001-050.php3

www.novell.com/linux/security/advisories/2001_017_cron_txt.html

www.securityfocus.com/archive/1/183029

www.securityfocus.com/bid/2687

exchange.xforce.ibmcloud.com/vulnerabilities/6508

7.2 High

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

6.4 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

0.4%

JSON

Related for NVD:CVE-2001-0559

nessus2 cvelist1 cve1 openvas2