SciLinux: CVE-2007-1856 vixie-cron SL5.x, SL4.x, SL3,x i386/x86_64
Summary
Date: Mon, 21 May 2007 16:01:26 -0500Reply-To: Troy DawsonSender: Security Errata for Scientific Linux From: Troy Dawson Subject: Security ERRATA for vixie-cron on SL5.x, SL4.x, SL3,x i386/x86_64Comments: To: scientific-linux-errata@fnal.govSynopsis: Moderate: vixie-cron security updateIssue date: 2007-05-17CVE Names: CVE-2007-1856Raphael Marichez discovered a denial of service bug in the way vixie-cron verifies crontab file integrity. A local user with the ability to create a hardlink to /etc/crontab can prevent vixie-cron from executing certain system cron jobs. (CVE-2007-1856)SL 3.0.x SRPMS: vixie-cron-4.1-19.EL3.src.rpm i386: vixie-cron-4.1-19.EL3.i386.rpm x86_64: vixie-cron-4.1-19.EL3.x86_64.rpmSL 4.x SRPMS: vixie-cron-4.1-47.EL4.src.rpm i386: vixie-cron-4.1-47.EL4.i386.rpm x86_64: vixie-cron-4.1-47.EL4.x86_64.rpmSL 5.x SRPMS: vixie-cron-4.1-70.el5.src.rpm i386: vixie-cron-4.1-70.el5.i386.rpm x86_64: vixie-cron-4.1-70.el5.x86_64.rpm-Connie Sieh-Troy Dawson