Xxe

crontab.c in crontab in FreeBSD and Apple Mac OS X allows local users to 1 determine the existence of arbitrary files via a symlink attack on a /tmp/crontab.XXXXXXXXXX temporary file and 2 perform MD5 checksum comparisons on arbitrary pairs of files via two symlink attacks on...

CVE-2011-1074

crontab.c in crontab in FreeBSD allows local users to determine the existence of arbitrary directories via a command-line argument composed of a directory name concatenated with a directory traversal sequence that leads to the /etc/crontab pathname...

CVE-2011-1073

CVE-2011-1073 affects the crontab component of FreeBSD and Apple macOS. The vulnerability arises from two symlink attacks against temporary files named /tmp/crontab.XXXXXXXXXX, enabling a local user to (1) determine the existence of arbitrary files and (2) perform MD5 checksum comparisons on arbi...

CVE-2011-1074

CVE-2011-1074 concerns crontab in FreeBSD. A local user can determine the existence of arbitrary directories by supplying a directory name concatenated with a directory traversal sequence that leads to the /etc/crontab pathname. The vulnerability is a local information-disclosure/vector involving...

CVE-2010-0424

The editcmd function in crontab.c in 1 cronie before 1.4.4 and 2 Vixie cron vixie-cron allows local users to change the modification times of arbitrary files, and consequently cause a denial of service, via a symlink attack on a temporary file in the /tmp directory...