rpm package

opensuse/cronie&distro=openSUSE Tumbleweed

pkg:rpm/opensuse/cronie&distro=openSUSE%20Tumbleweed

Vulnerabilities (3)

CVE	CVSS	Affected versions	Fixed in	Published	Description
CVE-2019-9704	—	< 1.5.7-86.1	1.5.7-86.1	Mar 12, 2019	Vixie Cron before the 3.0pl1-133 Debian package allows local users to cause a denial of service (daemon crash) via a large crontab file because the calloc return value is not checked.
CVE-2010-0424	—	< 1.5.0-65.4	1.5.0-65.4	Feb 25, 2010	The edit_cmd function in crontab.c in (1) cronie before 1.4.4 and (2) Vixie cron (vixie-cron) allows local users to change the modification times of arbitrary files, and consequently cause a denial of service, via a symlink attack on a temporary file in the /tmp directory.
CVE-2006-2607	—	< 1.5.0-65.4	1.5.0-65.4	May 25, 2006	do_command.c in Vixie cron (vixie-cron) 4.1 does not check the return code of a setuid call, which might allow local users to gain root privileges if setuid fails in cases such as PAM failures or resource limits, as originally demonstrated by a program that exceeds the process li

CVE-2019-9704Mar 12, 2019
affected < 1.5.7-86.1fixed 1.5.7-86.1
Vixie Cron before the 3.0pl1-133 Debian package allows local users to cause a denial of service (daemon crash) via a large crontab file because the calloc return value is not checked.
CVE-2010-0424Feb 25, 2010
affected < 1.5.0-65.4fixed 1.5.0-65.4
The edit_cmd function in crontab.c in (1) cronie before 1.4.4 and (2) Vixie cron (vixie-cron) allows local users to change the modification times of arbitrary files, and consequently cause a denial of service, via a symlink attack on a temporary file in the /tmp directory.
CVE-2006-2607May 25, 2006
affected < 1.5.0-65.4fixed 1.5.0-65.4
do_command.c in Vixie cron (vixie-cron) 4.1 does not check the return code of a setuid call, which might allow local users to gain root privileges if setuid fails in cases such as PAM failures or resource limits, as originally demonstrated by a program that exceeds the process li