Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
ubuntucveUbuntu.comUB:CVE-2010-0424
HistoryFeb 25, 2010 - 12:00 a.m.

CVE-2010-0424

2010-02-2500:00:00
ubuntu.com
ubuntu.com
8

3.3 Low

CVSS2

Attack Vector

LOCAL

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:M/Au:N/C:N/I:P/A:P

0.0004 Low

EPSS

Percentile

5.1%

JSON

The edit_cmd function in crontab.c in (1) cronie before 1.4.4 and (2) Vixie
cron (vixie-cron) allows local users to change the modification times of
arbitrary files, and consequently cause a denial of service, via a symlink
attack on a temporary file in the /tmp directory.

Notes

Author Note
kees Debian cron is vixie 3.0-based, not 4.1-based, this was in 4.1 and later

Related

nessus 15
openvas 8
fedora 3
nvd 1
redhat 2
gentoo 1
veracode 1
debiancve 1
cvelist 1
cve 1
oraclelinux 1
prion 1
nessus
nessus
Fedora 13 : cronie-1.4.4-1.fc13 (2010-3642)
2010-07-01 00:00:00
Scientific Linux Security Update : vixie-cron on SL5.x i386/x86_64 (20120221)
2012-08-01 00:00:00
SuSE 11 Security Update : cron (SAT Patch Number 2027)
2010-03-19 00:00:00
openvas
openvas
Fedora Update for cronie FEDORA-2010-4300
2010-03-22 00:00:00
Gentoo Security Advisory GLSA 201311-04
2015-09-29 00:00:00
Fedora Update for cronie FEDORA-2010-4300
2010-03-22 00:00:00
fedora
fedora
[SECURITY] Fedora 13 Update: cronie-1.4.4-1.fc13
2010-03-05 03:33:16
[SECURITY] Fedora 11 Update: cronie-1.3-4.fc11
2010-03-16 00:42:42
[SECURITY] Fedora 12 Update: cronie-1.4.3-4.fc12
2010-02-24 06:12:41
nvd
nvd
CVE-2010-0424
2010-02-25 19:30:00
redhat
redhat
(RHSA-2012:0304) Low: vixie-cron security, bug fix, and enhancement update
2012-02-21 00:00:00
(RHSA-2012:0168) Important: rhev-hypervisor5 security and bug fix update
2012-02-21 00:00:00
gentoo
gentoo
Vixie cron: Denial of service
2013-11-07 00:00:00
veracode
veracode
Denial Of Service (DoS)
2020-04-10 01:10:19
debiancve
debiancve
CVE-2010-0424
2010-02-25 19:30:00
cvelist
cvelist
CVE-2010-0424
2010-02-25 19:00:00
cve
cve
CVE-2010-0424
2010-02-25 19:30:00
oraclelinux
oraclelinux
vixie-cron security, bug fix, and enhancement update
2012-03-01 00:00:00
prion
prion
Directory traversal
2010-02-25 19:30:00

3.3 Low

CVSS2

Attack Vector

LOCAL

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:M/Au:N/C:N/I:P/A:P

0.0004 Low

EPSS

Percentile

5.1%

JSON
Related for UB:CVE-2010-0424
nessus15openvas8fedora3nvd1redhat2gentoo1veracode1debiancve1cvelist1cve1oraclelinux1prion1