13 matches found
SUSE CVE-2019-9706
Vixie Cron before the 3.0pl1-133 Debian package allows local users to cause a denial of service use-after-free and daemon crash because of a forcerescanuser error...
Ubuntu: Security Advisory (USN-5259-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
USN-5259-2: Cron vulnerabilities | Cloud Foundry
Severity Low Vendor Canonical Ubuntu Versions Affected Canonical Ubuntu 18.04 Description USN-5259-1 fixed several vulnerabilities in Cron. This update provides the corresponding update for Ubuntu 18.04 LTS. Original advisory details: It was discovered that the postinst maintainer script in Cron...
Ubuntu: Security Advisory (USN-5259-3)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
USN-5259-2: Cron vulnerabilities
USN-5259-1 fixed several vulnerabilities in Cron. This update provides the corresponding update for Ubuntu 18.04 LTS. Original advisory details: It was discovered that the postinst maintainer script in Cron unsafely handled file permissions during package install or update operations. An attacker...
Debian: Security Advisory (DLA-2801-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
[SECURITY] [DLA 2801-1] cron security update
------------------------------------------------------------------------- Debian LTS Advisory DLA-2801-1 [email protected] https://www.debian.org/lts/security/ Adrian Bunk October 30, 2021 https://wiki.debian.org/LTS -...
Debian DLA-2801-1 : cron - LTS security update
The remote Debian 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the dla-2801 advisory. - In the cron package through 3.0pl1-128 on Debian, and through 3.0pl1-128ubuntu2 on Ubuntu, the postinst maintainer script allows for group-crontab-to-root...
[SECURITY] [DLA 1723-1] cron security update
Package : cron Version : 3.0pl1-127+deb8u2 CVE ID : CVE-2017-9525 CVE-2019-9704 CVE-2019-9705 CVE-2019-9706 Debian Bug : 809167 Various security problems have been discovered in Debians CRON scheduler. CVE-2017-9525 Fix group crontab to root escalation via the Debian packages postinst script as...
Debian: Security Advisory (DLA-1723-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2019-9706
Vixie Cron before the 3.0pl1-133 Debian package allows local users to cause a denial of service use-after-free and daemon crash because of a forcerescanuser error...
CVE-2019-9706
Vixie Cron before the 3.0pl1-133 Debian package allows local users to cause a denial of service use-after-free and daemon crash because of a forcerescanuser error...
CVE-2019-9706
CVE-2019-9706 affects Vixie Cron (Debian package cron) prior to the patched release 3.0pl1-133, where a force_rescan_user use-after-free can crash the daemon, enabling local denial of service. Public disclosures in Ubuntu/Debian advisories (USN USN-5259-2/3) and related OSSV/OpenVAS entries confi...