Lucene search

Veracode Vulnerability DatabaseVERACODE:32800

HistoryNov 04, 2021 - 10:27 a.m.

Denial Of Service (DoS)

2021-11-0410:27:31

Veracode Vulnerability Database

sca.analysiscenter.veracode.com

0.0004 Low

EPSS

Percentile

5.1%

JSON

Vixie Cron is vulnerable to denial of service. The vulnerability exists due to memory consumption via a large crontab file due to an unlimited number of lines being accepted into the system.

CPENameOperatorVersion
cron:stretcheq3.0pl1-128+deb9u1
cron:stretcheq3.0pl1-128+deb9u1
cron:bioniceq3.0pl1-128.1ubuntu1

Name	Operator	Version
cron:stretch	eq	3.0pl1-128+deb9u1
cron:stretch	eq	3.0pl1-128+deb9u1
cron:bionic	eq	3.0pl1-128.1ubuntu1

References

www.securityfocus.com/bid/107378

lists.debian.org/debian-lts-announce/2019/03/msg00025.html

lists.debian.org/debian-lts-announce/2021/10/msg00029.html

lists.fedoraproject.org/archives/list/[email protected]/message/6DU7HAUAQR4E4AEBPYLUV6FZ4PHKH6A2/

salsa.debian.org/debian/cron/commit/26814a26

security-tracker.debian.org/tracker/CVE-2019-9705

0.0004 Low

EPSS

Percentile

5.1%

JSON

Related for VERACODE:32800