Debian: 'cron' vulnerability

    Date: 17 Nov 2000
    Category: Debian
    Posted By: LinuxSecurity Advisories
    The version of Vixie Cron shipped with Debian GNU/Linux 2.2 is vulnerable to a local attack, discovered by Michal Zalewski.
    
    ------------------------------------------------------------------------------
    Debian Security Advisory
    http://www.debian.org/security/                            Daniel Jacobowitz
    November 17, 2000
    ------------------------------------------------------------------------------
    
    Package: cron
    Vulnerability: local privilege escalation
    Debian-specific: no
    Vulnerable: yes
    
    The version of Vixie Cron shipped with Debian GNU/Linux 2.2 is vulnerable to
    a local attack, discovered by Michal Zalewski.  Several problems, including
    insecure permissions on temporary files and race conditions in their
    deletion, allowed attacks ranging from a denial of service (preventing the
    editing of crontabs) to an escalation of privilege (when another user edited
    their crontab).
    
    As a temporary fix, "chmod go-rx /var/spool/cron/crontabs" prevents the only
    available exploit; however, it does not address the problem.  We recommend
    upgrading to version 3.0pl1-57.1, for Debian 2.2, or 3.0pl1-61, for Debian
    unstable.
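    The two actions above (the interim chmod and the package upgrade) are easy to
    verify on a host. The script below is an added example, not part of the DSA
    or of Debian's own tooling: it checks that group and other have neither read
    nor search permission on the crontab spool, and compares the installed cron
    version against the fixed revisions named in this advisory (57.1 for potato,
    61 for woody). It assumes the installed package has upstream version 3.0pl1,
    that Debian revisions are plain dotted numbers (true for every version in this
    advisory), and that `ls -ld` prints the usual ten-character mode string.

```shell
#!/bin/sh
# Added example (not from the DSA): audit a Debian 2.2 host against the cron
# advisory. Two checks: the interim mitigation on the crontab spool and the
# installed package version.

# Return 0 when group and other have no read and no search/execute bit on the
# directory, i.e. the state "chmod go-rx DIR" leaves behind. Returns 2 if DIR
# is not a directory. Setgid/sticky bits (s/t) also imply the execute bit.
spool_hardened() {
    dir=$1
    [ -d "$dir" ] || return 2
    mode=$(ls -ld "$dir" | cut -c1-10)          # e.g. drwx------
    go=$(printf '%s' "$mode" | cut -c5-10)      # group rwx + other rwx
    case "$go" in
        *[rxst]*) return 1 ;;                   # some r or x bit still set
    esac
    return 0
}

# Compare two dotted-number Debian revisions (assumption: no epochs, no
# letters, which holds for 57, 57.1 and 61). Returns 0 when $1 >= $2.
revision_ge() {
    a=$1; b=$2
    while [ -n "$a" ] || [ -n "$b" ]; do
        ah=${a%%.*}; bh=${b%%.*}
        [ -n "$ah" ] || ah=0
        [ -n "$bh" ] || bh=0
        if [ "$ah" -gt "$bh" ]; then return 0; fi
        if [ "$ah" -lt "$bh" ]; then return 1; fi
        case "$a" in *.*) a=${a#*.} ;; *) a= ;; esac
        case "$b" in *.*) b=${b#*.} ;; *) b= ;; esac
    done
    return 0
}

# Return 0 if VERSION (as printed by "dpkg -s cron") carries the fix for SUITE
# (potato or woody). Returns 2 for an unknown suite or a different upstream.
cron_fixed() {
    ver=$1; suite=$2
    case "$suite" in
        potato) want=57.1 ;;
        woody)  want=61 ;;
        *)      return 2 ;;
    esac
    case "$ver" in
        3.0pl1-*) rev=${ver#3.0pl1-} ;;
        *)        return 2 ;;   # not the upstream this advisory covers
    esac
    revision_ge "$rev" "$want"
}

# Run both checks against the live host. Hypothetical entry point, used only
# when the script is invoked as: sh audit-cron.sh --audit [potato|woody]
audit_host() {
    suite=${1:-potato}
    if spool_hardened /var/spool/cron/crontabs; then
        echo "spool:   group/other cannot read or search /var/spool/cron/crontabs"
    else
        echo "spool:   interim mitigation not applied (chmod go-rx /var/spool/cron/crontabs)"
    fi
    ver=$(dpkg -s cron 2>/dev/null | sed -n 's/^Version: //p')
    if [ -z "$ver" ]; then
        echo "package: cron not installed or dpkg unavailable"
    elif cron_fixed "$ver" "$suite"; then
        echo "package: cron $ver is at or above the fixed revision for $suite"
    else
        echo "package: cron $ver is BELOW the fixed revision for $suite; upgrade"
    fi
}

if [ "${1:-}" = "--audit" ]; then
    audit_host "${2:-potato}"
fi
```

    A passing spool check only confirms the workaround is in place; as the
    advisory says, it blocks the known exploit without fixing the temporary-file
    handling, so the package check is the one that matters.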
    
    Also, in the new cron packages, it is no longer possible to specify special
    files (devices, named pipes, etc.) by name to crontab.  Note that this is
    not so much a security fix as a sanity check.
    
    Debian GNU/Linux 2.1 alias slink
    --------------------------------
    
      Slink is no longer being supported by the Debian Security Team.  We highly
      recommend an upgrade to the current stable release.
    
    Debian GNU/Linux 2.2 (stable) alias potato
    ------------------------------------------
    
      Fixes are currently available for the Alpha, ARM, Intel ia32, Motorola 680x0,
      PowerPC and Sun SPARC architectures, and will be included in 2.2r2.
    
      Source archives:
        http://security.debian.org/dists/potato/updates/main/source/cron_3.0pl1-57.1.diff.gz
          MD5 checksum: 4fac4be2841908090d1c877a65cf5ef9
        http://security.debian.org/dists/potato/updates/main/source/cron_3.0pl1-57.1.dsc
          MD5 checksum: caed3f1556203618544eec823347df30
        http://security.debian.org/dists/potato/updates/main/source/cron_3.0pl1.orig.tar.gz
          MD5 checksum: 4c64aece846f8483daf440f8e3dd210f

      Alpha architecture:
        http://security.debian.org/dists/potato/updates/main/binary-alpha/cron_3.0pl1-57.1_alpha.deb
          MD5 checksum: 3b146f5227182343d3b20cf8fce8a86c

      ARM architecture:
        http://security.debian.org/dists/potato/updates/main/binary-arm/cron_3.0pl1-57.1_arm.deb
          MD5 checksum: 559e80e83abf371a8d09759ee900daf5

      Intel IA32 architecture:
        http://security.debian.org/dists/potato/updates/main/binary-arm/cron_3.0pl1-57.1_i386.deb
          MD5 checksum: 922bb72b07a05fb888771364697f52e1

      Motorola 680x0 architecture:
        http://security.debian.org/dists/potato/updates/main/binary-m68k/cron_3.0pl1-57.1_m68k.deb
          MD5 checksum: 2e0d8152ec03a66bb88ba84215fe4de3

      PowerPC architecture:
        http://security.debian.org/dists/potato/updates/main/binary-powerpc/cron_3.0pl1-57.1_powerpc.deb
          MD5 checksum: 16ad8c4a26436239e7a25260340be6d5

      Sun SPARC architecture:
        http://security.debian.org/dists/potato/updates/main/binary-sparc/cron_3.0pl1-57.1_sparc.deb
          MD5 checksum: 2bd401a635eedc47e9f6dd1652f71e35
    
    Debian GNU/Linux Unstable alias woody
    -------------------------------------
    
      This version of Debian is not yet released.
    
      Fixes will be made available for Alpha, ARM, Intel ia32, Motorola 680x0,
      PowerPC, and SPARC in the Debian archive over the next several days.
    
    ------------------------------------------------------------------------------
    For apt-get: deb  http://security.debian.org/ stable/updates main