Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

oracle-oval логотип

ELSA-2012-0304

Опубликовано: 01 мар. 2012
Источник: oracle-oval
Платформа: Oracle Linux 5

Описание

ELSA-2012-0304: vixie-cron security, bug fix, and enhancement update (LOW)

[4:4.1-81]

  • 455664 adoptions of crontab orphans, forgot add buffer for list of orphans
  • Related: rhbz#455664

[4:4.1-80]

  • 654961 crond process ignores the changes of user's home directory needs bigger changes of code. The fix wasn't applied, detail in comment#11.
  • Related: rhbz#249512

[4:4.1-79]

  • CVE-2010-0424 vixie-cron, cronie: Race condition by setting timestamp of user's crontab file, when editing the file
  • Resolves: rhbz#741534

[4:4.1-78]

  • 625016 - crond requires a restart if mcstransd is stopped
  • Resolves: rhbz#625016

[4:4.1-78]

  • 460070 entries in cronjobs in /etc/cron.d are checked for valid syntax
  • Resolves: rhbz#460070

[4:4.1-78]

  • 455664 adoptions of crontab orphans
  • 249512 crontab should verify a user's access to PAM cron service
  • Resolves: rhbz#455664, rhbz#249512

[4:4.1-78]

  • 699621 and 699620 man page fix
  • 529632 service crond status return correct status
  • 480930 set correct pie options in CFLAGS and LDFLAGS
  • 476972 crontab error with @reboot entry
  • Resolves: rhbz#699621, rhbz#699620, rhbz#529632, rhbz#480930, rhbz#476972

Обновленные пакеты

Oracle Linux 5

Oracle Linux ia64

vixie-cron

4.1-81.el5

Oracle Linux x86_64

vixie-cron

4.1-81.el5

Oracle Linux i386

vixie-cron

4.1-81.el5

Связанные CVE

CVE-2010-0424

Ссылки на источники

Связанные уязвимости

ubuntu логотип

CVE-2010-0424

ubuntu
больше 15 лет назад

The edit_cmd function in crontab.c in (1) cronie before 1.4.4 and (2) Vixie cron (vixie-cron) allows local users to change the modification times of arbitrary files, and consequently cause a denial of service, via a symlink attack on a temporary file in the /tmp directory.

redhat логотип

CVE-2010-0424

redhat
больше 15 лет назад

The edit_cmd function in crontab.c in (1) cronie before 1.4.4 and (2) Vixie cron (vixie-cron) allows local users to change the modification times of arbitrary files, and consequently cause a denial of service, via a symlink attack on a temporary file in the /tmp directory.

nvd логотип

CVE-2010-0424

nvd
больше 15 лет назад

The edit_cmd function in crontab.c in (1) cronie before 1.4.4 and (2) Vixie cron (vixie-cron) allows local users to change the modification times of arbitrary files, and consequently cause a denial of service, via a symlink attack on a temporary file in the /tmp directory.

debian логотип

CVE-2010-0424

debian
больше 15 лет назад

The edit_cmd function in crontab.c in (1) cronie before 1.4.4 and (2) ...

github логотип

GHSA-qhfc-5xch-pg48

github
больше 3 лет назад

The edit_cmd function in crontab.c in (1) cronie before 1.4.4 and (2) Vixie cron (vixie-cron) allows local users to change the modification times of arbitrary files, and consequently cause a denial of service, via a symlink attack on a temporary file in the /tmp directory.