Record the cron Logs

Generally, cron is used to schedule tasks in Linux. Because cron can be exploited by hackers to load malicious code, all the cron logs need to be recorded to trace system exceptions. Otherwise, the exception information cannot be displayed in logs when there are malicious operations. As a result,...

CVE-2023-4677 Unauthenticated Admin Account Takeover Via Cron Log File Backups

Cron log backup files contain administrator session IDs. It is trivial for any attacker who can reach the Pandora FMS Console to scrape the cron logs directory for cron log backups. The contents of these log files can then be abused to authenticate to the application as an administrator. This iss...