
Debian 2.2: Security Advisory for Cron Local Privilege Escalation

November 18, 2000

Summary

The version of Vixie Cron shipped with Debian GNU/Linux 2.2 is vulnerable to
a local attack, discovered by Michal Zalewski. Several problems, including
insecure permissions on temporary files and race conditions in their
deletion, allowed attacks ranging from a denial of service (preventing the
editing of crontabs) to an escalation of privilege (when another user edited
their crontab).

As a temporary fix, "chmod go-rx /var/spool/cron/crontabs" prevents the only
available exploit; however, it does not address the problem. We recommend
upgrading to version 3.0pl1-57.1, for Debian 2.2, or 3.0pl1-61, for Debian
unstable.
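The following script is an added example, not code from this advisory or from the cron package. It applies the advisory's temporary mitigation ("chmod go-rx /var/spool/cron/crontabs") in a form that can be verified on a scratch directory, and checks whether the installed cron package is still older than the fixed version for Debian 2.2. It assumes the spool path named in the advisory, that the Debian package is called "cron", and that the function names are this example's own.

```shell
#!/bin/sh
# Added example, not code from the Debian advisory or from the cron package.
# It checks and applies the advisory's temporary mitigation,
# "chmod go-rx /var/spool/cron/crontabs", and checks whether the installed
# cron package is older than the fixed version for Debian 2.2.
# Assumptions: the spool path is the one named in the advisory, the Debian
# package is called "cron", and all function names are this example's own.

CRON_SPOOL=/var/spool/cron/crontabs
FIXED_VERSION_POTATO=3.0pl1-57.1

# Print the group/other read and execute bits of a directory as four characters:
# "rxrx" for drwxr-xr-x, "----" once group and other have neither.
# ls -ld is used instead of stat so the same parsing works on GNU and BSD.
spool_gorx_bits() {
    ls -ld "$1" | cut -c5,7,8,10
}

# Exit 0 only when neither group nor other can read or search the directory,
# i.e. the state "chmod go-rx" leaves it in. Exit 2 if it does not exist.
spool_is_hardened() {
    [ -d "$1" ] || return 2
    [ "$(spool_gorx_bits "$1")" = "----" ]
}

# Apply the mitigation. As the advisory says, this blocks the known exploit but
# does not fix the temp-file handling itself; the package upgrade still applies.
harden_spool() {
    chmod go-rx "$1"
}

# Exit 0 if the installed cron package is older than the fixed version.
# Only meaningful on a Debian system; not called by the demo below.
cron_needs_upgrade() {
    installed=$(dpkg-query -W -f='${Version}' cron 2>/dev/null) || return 2
    dpkg --compare-versions "$installed" lt "$FIXED_VERSION_POTATO"
}

# Demonstration on a scratch directory with a world-searchable mode, so the
# example does not touch the real spool.
demo() {
    scratch=$(mktemp -d)
    chmod 755 "$scratch"
    if spool_is_hardened "$scratch"; then
        echo "unexpected: $scratch already hardened"
    fi
    harden_spool "$scratch"
    if spool_is_hardened "$scratch"; then
        echo "$scratch: group/other read and execute removed ($(spool_gorx_bits "$scratch"))"
    fi
    rmdir "$scratch"
}

demo
```

To act on the real spool, run `harden_spool "$CRON_SPOOL"` as root and then `cron_needs_upgrade && echo "upgrade cron"`; the permission change only blocks the exploit the advisory describes, so the version check is the one that matters.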

Also, in the new cron packages, it is no longer possible to specify special
files (devices, named pipes, etc.) by name to crontab. Note that this is
not so much a security fix as a sanity check.

Debian GNU/Linux 2.1 alias slink

Slink is no longer being supported by the Debian Security Team. We highly
recommend an upgrade to the current stable release.

Debian GNU/Linux 2.2 (stable) ali...


Severity
important
