CVSS: 7.1EPSS: 0%CPEs: 2EXPL: 0CVE-2010-0424 – cronie: Race condition by setting timestamp of user's crontab file, when editing the file
https://notcve.org/view.php?id=CVE-2010-0424
25 Feb 2010 — The edit_cmd function in crontab.c in (1) cronie before 1.4.4 and (2) Vixie cron (vixie-cron) allows local users to change the modification times of arbitrary files, and consequently cause a denial of service, via a symlink attack on a temporary file in the /tmp directory. La funcion edit_cmd en crontab.c en (1) cronie anteriores a v1.4.4 y (2) Vixie cron (vixie-cron) permite a usuarios locales cambiar las horas de modificación de ficheros de forma arbitraria, y consecuentemente producir una denegación de s... • http://git.fedorahosted.org/git/cronie.git?p=cronie.git%3Ba=commit%3Bh=9e4a8fa5f9171fb724981f53879c9b20264aeb61 • CWE-59: Improper Link Resolution Before File Access ('Link Following') •