CVE-2011-1073

crontab.c in crontab in FreeBSD and Apple Mac OS X allows local users to 1 determine the existence of arbitrary files via a symlink attack on a /tmp/crontab.XXXXXXXXXX temporary file and 2 perform MD5 checksum comparisons on arbitrary pairs of files via two symlink attacks on...

CVE-2011-1074

crontab.c in crontab in FreeBSD allows local users to determine the existence of arbitrary directories via a command-line argument composed of a directory name concatenated with a directory traversal sequence that leads to the /etc/crontab pathname...

CVE-2011-1073

crontab.c in crontab in FreeBSD and Apple Mac OS X allows local users to 1 determine the existence of arbitrary files via a symlink attack on a /tmp/crontab.XXXXXXXXXX temporary file and 2 perform MD5 checksum comparisons on arbitrary pairs of files via two symlink attacks on...

CVE-2011-1074

crontab.c in crontab in FreeBSD allows local users to determine the existence of arbitrary directories via a command-line argument composed of a directory name concatenated with a directory traversal sequence that leads to the /etc/crontab pathname...

CVE-2011-1074

CVE-2011-1074 concerns crontab in FreeBSD. A local user can determine the existence of arbitrary directories by supplying a directory name concatenated with a directory traversal sequence that leads to the /etc/crontab pathname. The vulnerability is a local information-disclosure/vector involving...

FreeBSD / MacOS X crontab information leakage

User can retrieve some information about files and directories he has no access to...

SuSE 10 Security Update : cron (ZYPP Patch Number 6865)

This update of cron fixes a race condition in crontab that can be used to change the time-stamp of arbitrary files while editing the crontab entry. - CVSS v2 Base Score: 3.6 Additionally the return value of initgroups is verified now. CVE-2010-0424 %NASLMINLEVEL 70300 C Tenable Network Security,...

linux/x86 setreuid(0,0) add reboot command each minutes 90 bytes

Exploit for linux/x86 platform in category shellcode ==================================================================================== linux/x86 setreuid0,0 and add reboot command each minutes in /etc/crontab 90 bytes...

Fedora 13 : cronie-1.4.4-1.fc13 (2010-3642)

Bug 565809 - CVE-2010-0424 vixie-cron, cronie: Race condition by setting timestamp of user's crontab file, when editing the file Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically...

openSUSE Security Update : cron (cron-2026)

This update of cron fixes a race condition in crontab that can be used to change the time-stamp of arbitrary files while editing the crontab entry. CVE-2010-0424: CVSS v2 Base Score: 3.6 Additionally the return value of initgroups is verified now. %NASLMINLEVEL 70300 C Tenable Network Security,...

SuSE 11 Security Update : cron (SAT Patch Number 2027)

This update of cron fixes a race condition in crontab that can be used to change the time-stamp of arbitrary files while editing the crontab entry. Additionally the return value of initgroups is verified now. CVE-2010-0424: CVSS v2 Base Score: 3.6 %NASLMINLEVEL 70300 C Tenable Network Security,...

openSUSE Security Update : cron (cron-2026)

This update of cron fixes a race condition in crontab that can be used to change the time-stamp of arbitrary files while editing the crontab entry. CVE-2010-0424: CVSS v2 Base Score: 3.6 Additionally the return value of initgroups is verified now. %NASLMINLEVEL 70300 C Tenable Network Security,...

CVE-2010-0424

CVE-2010-0424 affects cronie (before 1.4.4) and the Vixie cron (vixie-cron). The vulnerability resides in the edit_cmd function in crontab.c, which allows local users to change the modification times of arbitrary files via a symlink attack on a temporary file in /tmp, potentially leading to a den...

Mandriva Update for vixie-cron MDKSA-2007:234 (vixie-cron)

Check for the Version of vixie-cron OpenVAS Vulnerability Test Mandriva Update for vixie-cron MDKSA-2007:234 vixie-cron Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modif...

CVE-2008-5384

crontab in bos.rte.cron in IBM AIX 6.1.0 through 6.1.2 allows local users with aix.system.config.cron authorization to gain privileges by launching an editor...

Authorization

crontab in bos.rte.cron in IBM AIX 6.1.0 through 6.1.2 allows local users with aix.system.config.cron authorization to gain privileges by launching an editor...

CVE-2008-5384

crontab in bos.rte.cron in IBM AIX 6.1.0 through 6.1.2 allows local users with aix.system.config.cron authorization to gain privileges by launching an editor...

CVE-2008-5384

CVE-2008-5384 affects IBM AIX 6.1.0–6.1.2, specifically the crontab component in bos.rte.cron. The underlying issue allows local users with aix.system.config.cron authorization to escalate privileges by launching an editor. Publicly available technical context in connected sources confirms affect...

IBM AIX多个本地溢出及权限提升漏洞

BUGTRAQ ID: 32493 IBM AIX是一款商业性质的UNIX操作系统。 IBM AIX中的多个安全漏洞可能允许本地攻击者触发缓冲区溢出，以提升的权限执行任意操作。 1 /usr/sbin/ndp setuid root程序中存在缓冲区溢出。成功利用这个漏洞要求在运行netcd守护程序。 2 特权的/usr/sbin/autoconf6命令中存在缓冲区溢出。成功利用这个漏洞要求在使用RBAC且攻击者拥有aix.network.config.tcpip授权。 3 如果/etc/qconfig定义漏洞打印队列的话，特权/usr/bin/enq命令中的错误可能导致删除任意文件。 4...

CVE-2008-2538

Unspecified vulnerability in crontab on Sun Solaris 8 through 10, and OpenSolaris before snv93, allows local users to insert cron jobs into the crontab files of arbitrary users via unspecified vectors...