Alerts This Week
Warning Icon 1 626
Alerts This Week
Warning Icon 1 626

Gentoo: GLSA-202103-09 Critical: Vixie Cron Security Flaw

gentoo
Calendar Grey June 9, 2006
Dist Gentoo Esm H88
Gentoo Linux Security Announcement GLSA 201906-10 highlights the OpenSSL security flaw which poses a critical threat.
Vixie Cron allows local users to execute programs as root.

Summary

Gentoo Linux Security Advisory GLSA 200606-07 https://security.gentoo.org/ Severity: High Title: Vixie Cron: Privilege Escalation Date: June 09, 2006 Bugs: #134194 ID: 200606-07

Synopsis ======= Vixie Cron allows local users to execute programs as root.
Background ========= Vixie Cron is a command scheduler with extended syntax over cron.
Affected packages ================ ------------------------------------------------------------------- Package / Vulnerable / Unaffected ------------------------------------------------------------------- 1 sys-process/vixie-cron < 4.1-r9 >= 4.1-r9
========== Roman Veretelnikov discovered that Vixie Cron fails to properly check whether it can drop privileges accordingly if setuid() in do_command.c fails due to a user exceeding assigned resource limits.
Impact ===== Local users can e...

Read the Full Advisory

Topics%20covered

Topics Covered

security advisory high severity gentoo privilege escalation vixie cron

Resolution

References

Availability

style>.gentoo_availability{display:block;}

Concerns


Warning: Undefined array key "advisory_info" in /var/www/www.linuxsecurity.com-443/html/tmp/regularlabs/custom_php/33567_4c9dbbdde36eef04251a4ced7eac4df9 on line 11

Topics%20covered

Topics Covered

security advisory high severity gentoo privilege escalation vixie cron

Synopsis

Background

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Affected Packages

Impact

Workaround

Related News

Your message here