8 matches found
SUSE CVE-2007-1856
Vixie Cron before 4.1-r10 on Gentoo Linux is installed with insecure permissions, which allows local users to cause a denial of service cron failure by creating hard links, which results in a failed stnlink check in database.c...
Oracle Linux 5 : Moderate: / vixie-cron (ELSA-2007-0345)
The remote Oracle Linux 5 host has a package installed that is affected by a vulnerability as referenced in the ELSA-2007-0345 advisory. 4.1-47.EL4 - removed patches for 192783, 178836 because of frozen errata - added only patch for CVE-2007-1856 crontab denial of service - Resolves: rhbz235880...
Scientific Linux Security Update : vixie-cron on SL5.x, SL4.x, SL3.x i386/x86_64
Raphael Marichez discovered a denial of service bug in the way vixie-cron verifies crontab file integrity. A local user with the ability to create a hardlink to /etc/crontab can prevent vixie-cron from executing certain system cron jobs. CVE-2007-1856 %NASLMINLEVEL 70300 C Tenable Network Securit...
Mandriva Update for vixie-cron MDKSA-2007:234 (vixie-cron)
Check for the Version of vixie-cron OpenVAS Vulnerability Test Mandriva Update for vixie-cron MDKSA-2007:234 vixie-cron Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modif...
openSUSE 10 Security Update : cron (cron-3092)
By setting hard links to /etc/crontab users were able to prevent cron from running scheduled jobs CVE-2007-1856. A re-emerged symlink bug allowed users to edit the crontab of other users CVE-2005-1038. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in...
Moderate: vixie-cron security update
4.1-47.EL4 - removed patches for 192783, 178836 because of frozen errata - added only patch for CVE-2007-1856 crontab denial of service - Resolves: rhbz235880 4.1-46.EL4 - Resolves: 235880 CVE-2007-1856 crontab denial of service 4.1-45.EL4 - rhbz192783 - rhbz178836...
CVE-2007-1856
Vixie Cron before 4.1-r10 on Gentoo Linux is installed with insecure permissions, which allows local users to cause a denial of service cron failure by creating hard links, which results in a failed stnlink check in database.c...
CVE-2007-1856
CVE-2007-1856 is a local denial-of-service vulnerability in vixie-cron (pre‑4.1-r10 on Gentoo) where insecure permissions enable a local user to create a hard link to /etc/crontab, causing cron to fail (st_nlink check in database.c). Multiple advisories confirm the issue and provide fixes. Affect...