21 matches found
Malicious code in cron-kappa-bash-serialize-beta (npm)
Source: amazon-inspector 53deafc5f542e358e2be400b3647937108a888871b1dd73316f4f4157605370b. This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
EUVD-2017-18456
Malware in sbrugna...
Malicious code in @sensort/cron (npm)
Source: ghsa-malware 7c0ebacc703edeb057fef3431d63da809c1a943796b8a82b6f14c9fe31f116e8. Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Linux Distros Unpatched Vulnerability : CVE-2017-9525
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor-supplied patch available. In the cron package through 3.0pl1-128 on Debian, and through 3.0pl1-128ubuntu2 on Ubuntu, the postinst maintainer script allows for group-crontab-to-root...
SUSE CVE-2017-9525
In the cron package through 3.0pl1-128 on Debian, and through 3.0pl1-128ubuntu2 on Ubuntu, the postinst maintainer script allows for group-crontab-to-root privilege escalation via symlink attacks against unsafe usage of the chown and chmod programs...
Ubuntu: Security Advisory (USN-5259-3)
The remote host is missing an update for the... SPDX-FileCopyrightText: 2022 Greenbone AG. Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only...
Ubuntu: Security Advisory (USN-5259-2)
The remote host is missing an update for the... SPDX-FileCopyrightText: 2022 Greenbone AG. SPDX-License-Identifier: GPL-2.0-only...
Ubuntu 16.04 ESM : Cron vulnerabilities (USN-5259-1)
The remote Ubuntu 16.04 ESM host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-5259-1 advisory. It was discovered that the postinst maintainer script in Cron unsafely handled file permissions during package install or update operations. An attacker...
Debian: Security Advisory (DLA-2801-1)
The remote host is missing an update for the Debian... SPDX-FileCopyrightText: 2021 Greenbone AG. SPDX-License-Identifier: GPL-2.0-only...
Privilege Escalation
systemd-cron:sid is vulnerable to privilege escalation. In the cron package, the postinst maintainer script allows for group-crontab-to-root privilege escalation via symlink attacks against unsafe usage of the chown and chmod programs...
Debian cron package elevation of privilege vulnerability
Debian is a free operating system with a Linux or FreeBSD kernel created by the Debian Project Collaboration. Ubuntu is an open source GNU/Linux operating system. The cron package is one of the scheduling daemon installers. An elevation of privilege vulnerability exists in cron package 3.0pl1-128 and...
CVE-2017-9525
In the cron package through 3.0pl1-128 on Debian, and through 3.0pl1-128ubuntu2 on Ubuntu, the postinst maintainer script allows for group-crontab-to-root privilege escalation via symlink attacks against unsafe usage of the chown and chmod programs...
CVE-2017-9525
In the cron package through 3.0pl1-128 on Debian, and through 3.0pl1-128ubuntu2 on Ubuntu, the postinst maintainer script allows for group-crontab-to-root privilege escalation via symlink attacks against unsafe usage of the chown and chmod programs...
Design/Logic Flaw
In the cron package through 3.0pl1-128 on Debian, and through 3.0pl1-128ubuntu2 on Ubuntu, the postinst maintainer script allows for group-crontab-to-root privilege escalation via symlink attacks against unsafe usage of the chown and chmod programs...
CVE-2017-9525
In the cron package through 3.0pl1-128 on Debian, and through 3.0pl1-128ubuntu2 on Ubuntu, the postinst maintainer script allows for group-crontab-to-root privilege escalation via symlink attacks against unsafe usage of the chown and chmod programs...
Ubuntu: Security Advisory (USN-778-1)
The remote host is missing an update for the... SPDX-FileCopyrightText: 2009 Greenbone AG. SPDX-License-Identifier: GPL-2.0-only...
openSUSE 10 Security Update : cron (cron-3092)
By setting hard links to /etc/crontab, users were able to prevent cron from running scheduled jobs (CVE-2007-1856). A re-emerged symlink bug allowed users to edit the crontab of other users (CVE-2005-1038). (C) Tenable Network Security, Inc. The descriptive text and package checks in...
[SECURITY] [DSA-054-1] cron local root exploit
Package: cron. Problem type: local root exploit. Debian-specific: no. A recent (fall 2000) security fix to cron introduced an error in giving up privileges before invoking the editor. A malicious user could easily gain root access. This has been fixed in version 3.0pl1-57.3 or 3.0pl1-67 for unstable...
HP-UX 10.2011.0 - crontab tmp File
Source: https://www.securityfocus.com/bid/1845/info. crontab is a binary in the cron package of the HP-UX cron implementation which allows a user to create a file of scheduled commands. A vulnerability in crontab exists that allows a user to read any file on an...
[SECURITY] New versions of cron fixes possible root exploit
Debian Security Advisory, http://www.debian.org/security/, Martin Schulze, August 30, 1999. Red Hat has recently released a Security Advisory (RHSA-1999:030-01) covering a reverse denial of service bug in the vixie cron package. As user you could restart sendmail even if the host...