Lucene search
PRIOn knowledge basePRION:CVE-2010-0424HistoryFeb 25, 2010 - 7:30 p.m.
Directory traversal
2010-02-2519:30:00
PRIOn knowledge base
www.prio-n.com
3
The edit_cmd function in crontab.c in (1) cronie before 1.4.4 and (2) Vixie cron (vixie-cron) allows local users to change the modification times of arbitrary files, and consequently cause a denial of service, via a symlink attack on a temporary file in the /tmp directory.
References
secunia.com/advisories/38700
secunia.com/advisories/38741
secunia.com/advisories/48104
www.securityfocus.com/bid/38391
bugzilla.redhat.com/show_bug.cgi?id=565809
git.fedorahosted.org/git/cronie.git?p=cronie.git%3Ba=commit%3Bh=9e4a8fa5f9171fb724981f53879c9b20264aeb61
lists.fedoraproject.org/pipermail/package-announce/2010-February/035762.html
Related
nessus
nessus
SuSE 11 Security Update : cron (SAT Patch Number 2027)
2010-03-19 00:00:00
SuSE 10 Security Update : cron (ZYPP Patch Number 6864)
2010-03-19 00:00:00
openSUSE Security Update : cron (cron-2026)
2010-03-19 00:00:00
gentoo
gentoo
Vixie cron: Denial of service
2013-11-07 00:00:00
openvas
openvas
RedHat Update for vixie-cron RHSA-2012:0304-03
2012-02-21 00:00:00
RedHat Update for vixie-cron RHSA-2012:0304-03
2012-02-21 00:00:00
Fedora Update for cronie FEDORA-2010-4300
2010-03-22 00:00:00
veracode
veracode
Denial Of Service (DoS)
2020-04-10 01:10:19
debiancve
debiancve
CVE-2010-0424
2010-02-25 19:30:00
fedora
fedora
[SECURITY] Fedora 11 Update: cronie-1.3-4.fc11
2010-03-16 00:42:42
[SECURITY] Fedora 13 Update: cronie-1.4.4-1.fc13
2010-03-05 03:33:16
[SECURITY] Fedora 12 Update: cronie-1.4.3-4.fc12
2010-02-24 06:12:41
cvelist
cvelist
CVE-2010-0424
2010-02-25 19:00:00
nvd
nvd
CVE-2010-0424
2010-02-25 19:30:00
redhat
redhat
(RHSA-2012:0304) Low: vixie-cron security, bug fix, and enhancement update
2012-02-21 00:00:00
(RHSA-2012:0168) Important: rhev-hypervisor5 security and bug fix update
2012-02-21 00:00:00
cve
cve
CVE-2010-0424
2010-02-25 19:30:00
oraclelinux
oraclelinux
vixie-cron security, bug fix, and enhancement update
2012-03-01 00:00:00
ubuntucve
ubuntucve
CVE-2010-0424
2010-02-25 00:00:00