410 matches found
Design/Logic Flaw
Unspecified vulnerability in crontab on Sun Solaris 8 through 10, and OpenSolaris before snv93, allows local users to insert cron jobs into the crontab files of arbitrary users via unspecified vectors...
CVE-2008-2538
CVE-2008-2538 affects Sun Solaris 8–10 and OpenSolaris before snv_93. The vulnerability allows a local user to insert cron jobs into arbitrary users’ crontab files via unspecified vectors, due to an unspecified flaw in crontab handling. Impact is local privilege escalation (crontab modification f...
Analysis of Linux Backdoor techniques and practices-the vulnerability of early warning-the black bar safety net
Page 1 of: Analysis of Linux backdoor techniques and practice methods. Backdoor introduction: a backdoor is a technique an intruder uses, after gaining complete control of a system, to make it easy to get back in next time. It is generally achieved by modifying system configuration files and installing...
SuSE 10 Security Update : cron (ZYPP Patch Number 3093)
By setting hard links to /etc/crontab, users were able to prevent cron from running scheduled jobs (CVE-2007-1856). A re-emerged symlink bug allowed users to edit the crontab of other users (CVE-2005-1038). #%NASL_MIN_LEVEL 70300 (C) Tenable Network Security, Inc. The text description of this plugin is (C)...
SuSE 10 Security Update : cron (ZYPP Patch Number 3831)
By setting hard links to /etc/crontab, users were able to prevent cron from running scheduled jobs (CVE-2007-1856). A re-emerged symlink bug allowed users to edit the crontab of other users (CVE-2005-1038). This is a reissue of the SLES10 update after Service Pack 1, since Service Pack 1 merge lost so...
Mandrake Linux Security Advisory : vixie-cron (MDKSA-2007:234)
Raphael Marichez discovered a denial of service bug in how vixie-cron verifies crontab file integrity. A local user with the ability to create a hardlink to /etc/crontab could prevent vixie-cron from executing certain system cron jobs. The updated packages have been patched to correct this issue...
CVE-2007-4621
Buffer overflow in crontab in IBM AIX 5.2 allows local users to gain privileges via long command line arguments...
Buffer overflow
Buffer overflow in crontab in IBM AIX 5.2 allows local users to gain privileges via long command line arguments...
CVE-2007-4621
CVE-2007-4621 describes a local privilege escalation in IBM AIX 5.2 via a buffer overflow in the crontab main function when copying user-supplied command line arguments into a fixed-size BSS buffer. Successful exploitation allows an attacker to execute arbitrary code with root privileges, requiri...
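IBM AIX Crontab Local Privilege Escalation Vulnerability
BUGTRAQ ID: 26263 CVECAN ID: CVE-2007-4621 IBM AIX is a commercial UNIX operating system. A buffer overflow vulnerability exists in the main function of the IBM AIX crontab program, and a local attacker may exploit it to escalate privileges. When processing command-line arguments, the crontab program copies user-supplied arguments into a fixed-size BSS buffer without performing bounds checking, so an attacker can overwrite most of the data stored in the BSS memory region, leading to execution of arbitrary instructions with root privileges. IBM AIX 5.2 Temporary workaround: remove the set-uid bit from the crontab program. Vendor patch: IBM ---...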
iDefense Security Advisory 10.30.07: IBM AIX 5.2 crontab BSS Buffer Overflow Vulnerability
IBM AIX 5.2 crontab BSS Buffer Overflow Vulnerability iDefense Security Advisory 10.30.07 http://labs.idefense.com/intelligence/vulnerabilities/ Oct 30, 2007 I. BACKGROUND The crontab program is a user utility that enables users to create, remove, and edit cron jobs. The cron jobs will then later...
HP-UX Security Patch : PHCO_27141
cumulative crontab/at/cron patch #%NASL_MIN_LEVEL 70300 (C) Tenable Network Security, Inc. if (!defined_func("bn_random")) exit(0); include('deprecated_nasl_level.inc'); include('compat.inc'); if (description) script_id(26254); script_version("1.8"); script_set_attribute(attribute:"plugin_modification_date", value:"2021/01/11");...
HP-UX Security Patch : PHCO_24702
cumulative crontab/at/cron patch #%NASL_MIN_LEVEL 70300 (C) Tenable Network Security, Inc. if (!defined_func("bn_random")) exit(0); include('deprecated_nasl_level.inc'); include('compat.inc'); if (description) script_id(26237); script_version("1.8"); script_set_attribute(attribute:"plugin_modification_date", value:"2021/01/11");...
CVE-2007-3306
CVE-2007-3306 describes a PHP remote file inclusion in MiniBill 1.2.5. The flaw is in crontab/run_billing.php where an attacker can cause arbitrary PHP code execution by supplying a URL in the config[include_dir] parameter. The connected documents corroborate MiniBill 1.2.5 as affected and point ...
MiniBill 1.2.5 - run_billing.php Remote File Inclusion
MiniBill 1.2.5 - run_billing.php Remote File Inclusion ======================================================= MiniBill 2007-04-09 v1.2.5 Remote File include Vulnerabilities ======================================================= Found By : Abo0od , [email protected]...
MiniBill 1.2.5 - 'run_billing.php' Remote File Inclusion
======================================================= MiniBill 2007-04-09 v1.2.5 Remote File include Vulnerabilities ======================================================= Found By : Abo0od , [email protected] ======================================================= Homepage:...
RHEL 3 / 4 / 5 : vixie-cron (RHSA-2007:0345)
Updated vixie-cron packages that fix a denial of service issue are now available. This update has been rated as having moderate security impact by the Red Hat Security Response Team. The vixie-cron package contains the Vixie version of cron. Cron is a standard UNIX daemon that runs specified...
Hack advanced skills Linux back door technology and practice-vulnerability warning-the black bar safety net
Backdoor introduction: a backdoor is a technique an intruder uses, after gaining complete control of a system, to make it easy to get back in next time. It is generally achieved by modifying system configuration files and installing third-party backdoor tools. It is hidden, can bypass the system log, and is not easy to be...