CVE-2007-1856 – crontab denial of service
https://notcve.org/view.php?id=CVE-2007-1856
Vixie Cron before 4.1-r10 on Gentoo Linux is installed with insecure permissions, which allows local users to cause a denial of service (cron failure) by creating hard links, which results in a failed st_nlink check in database.c. Vixie Cron anterior a 4.1-r10 en Gentoo Linux es instalado con permisos inseguros, lo cual permite a usuarios locales provocar una denegación de servicio (fallo de cron) creando enlaces duros (hard links), lo cual resulta en el fallo de la comprobación st_nlink en database.c. • http://lists.grok.org.uk/pipermail/full-disclosure/2007-September/065902.html http://rhn.redhat.com/errata/RHSA-2007-0345.html http://secunia.com/advisories/24905 http://secunia.com/advisories/24995 http://secunia.com/advisories/25321 http://secunia.com/advisories/25723 http://secunia.com/advisories/26909 http://secunia.com/advisories/27706 http://secunia.com/advisories/27886 http://security.gentoo.org/glsa/glsa-200704-11.xml http://support.avaya.com/elmodocs2/security/ASA- •
CVE-2001-0560
https://notcve.org/view.php?id=CVE-2001-0560
Buffer overflow in Vixie cron 3.0.1-56 and earlier could allow a local attacker to gain additional privileges via a long username (> 20 characters). • http://archives.neohapsis.com/archives/bugtraq/2001-02/0197.html http://archives.neohapsis.com/archives/linux/immunix/2001-q1/0066.html http://www-1.ibm.com/support/search.wss?rs=0&q=IY17048&apar=only http://www-1.ibm.com/support/search.wss?rs=0&q=IY17261&apar=only http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-022.php3 http://www.osvdb.org/5583 http://www.redhat.com/support/errata/RHSA-2001-014.html https://exchange.xforce.ibmcloud.com/vulnerabilities/6 •
CVE-2001-0559 – Vixie Cron crontab 3.0 - Privilege Lowering Failure
https://notcve.org/view.php?id=CVE-2001-0559
crontab in Vixie cron 3.0.1 and earlier does not properly drop privileges after the failed parsing of a modification operation, which could allow a local attacker to gain additional privileges when an editor is called to correct the error. • https://www.exploit-db.com/exploits/20822 https://www.exploit-db.com/exploits/20823 http://www.debian.org/security/2001/dsa-054 http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-050.php3 http://www.novell.com/linux/security/advisories/2001_017_cron_txt.html http://www.securityfocus.com/archive/1/183029 http://www.securityfocus.com/bid/2687 https://exchange.xforce.ibmcloud.com/vulnerabilities/6508 •
CVE-1999-0297
https://notcve.org/view.php?id=CVE-1999-0297
Buffer overflow in Vixie Cron library up to version 3.0 allows local users to obtain root access via a long environmental variable. • https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0297 •