ID CVE-2005-1038
Summary crontab in Vixie cron 4.1, when running with the -e option, allows local users to read the cron files of other users by changing the file being edited to a symlink. NOTE: there is insufficient information to know whether this is a duplicate of CVE-2001-0235.
Vulnerable Configurations
  • cpe:2.3:a:paul_vixie:vixie_cron:4.1
  • cpe:2.3:o:redhat:enterprise_linux:4.0:-:advanced_server
  • cpe:2.3:o:redhat:enterprise_linux:4.0:-:enterprise_server
  • cpe:2.3:o:redhat:enterprise_linux:4.0:-:workstation
CVSS
Base: 2.1 (as of 14-06-2005 - 10:49)
Access
  • Vector LOCAL
  • Complexity LOW
  • Authentication NONE
Impact
  • Confidentiality PARTIAL
  • Integrity NONE
  • Availability NONE
nessus via4
  • NASL family Red Hat Local Security Checks
    NASL id REDHAT-RHSA-2006-0117.NASL
    description An updated vixie-cron package that fixes a bug and security issue is now available. This update has been rated as having low security impact by the Red Hat Security Response Team. The vixie-cron package contains the Vixie version of cron. Cron is a standard UNIX daemon that runs specified programs at scheduled times. A bug was found in the way vixie-cron installs new crontab files. It is possible for a local attacker to execute the crontab command in such a way that they can view the contents of another user's crontab file. The Common Vulnerabilities and Exposures project assigned the name CVE-2005-1038 to this issue. This update also fixes an issue where cron jobs could start before their scheduled time. All users of vixie-cron should upgrade to this updated package, which contains backported patches and is not vulnerable to these issues.
    last seen 2019-02-21
    modified 2019-01-02
    plugin id 21088
    published 2006-03-16
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=21088
    title RHEL 3 : vixie-cron (RHSA-2006:0117)
  • NASL family CentOS Local Security Checks
    NASL id CENTOS_RHSA-2006-0117.NASL
    description An updated vixie-cron package that fixes a bug and security issue is now available. This update has been rated as having low security impact by the Red Hat Security Response Team. The vixie-cron package contains the Vixie version of cron. Cron is a standard UNIX daemon that runs specified programs at scheduled times. A bug was found in the way vixie-cron installs new crontab files. It is possible for a local attacker to execute the crontab command in such a way that they can view the contents of another user's crontab file. The Common Vulnerabilities and Exposures project assigned the name CVE-2005-1038 to this issue. This update also fixes an issue where cron jobs could start before their scheduled time. All users of vixie-cron should upgrade to this updated package, which contains backported patches and is not vulnerable to these issues.
    last seen 2019-02-21
    modified 2018-11-28
    plugin id 21880
    published 2006-07-03
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=21880
    title CentOS 3 : vixie-cron (CESA-2006:0117)
  • NASL family SuSE Local Security Checks
    NASL id SUSE_CRON-3092.NASL
    description By setting hard links to /etc/crontab users were able to prevent cron from running scheduled jobs (CVE-2007-1856). A re-emerged symlink bug allowed users to edit the crontab of other users (CVE-2005-1038).
    last seen 2019-02-21
    modified 2018-07-19
    plugin id 27190
    published 2007-10-17
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=27190
    title openSUSE 10 Security Update : cron (cron-3092)
  • NASL family Red Hat Local Security Checks
    NASL id REDHAT-RHSA-2005-361.NASL
    description An updated vixie-cron package that fixes various bugs and a security issue is now available. This update has been rated as having low security impact by the Red Hat Security Response Team. The vixie-cron package contains the Vixie version of cron. Cron is a standard UNIX daemon that runs specified programs at scheduled times. A bug was found in the way vixie-cron installs new crontab files. It is possible for a local attacker to execute the crontab command in such a way that they can view the contents of another user's crontab file. The Common Vulnerabilities and Exposures project assigned the name CVE-2005-1038 to this issue. Additionally, this update addresses the following issues:
      o Fixed improper limits on filename and command line lengths
      o Improved PAM access control conforming to EAL certification requirements
      o Improved reliability when running in a chroot environment
      o Mail recipient name checking disabled by default, can be re-enabled
      o Added '-p' 'permit all crontabs' option to disable crontab mode checking
    All users of vixie-cron should upgrade to this updated package, which contains backported patches and is not vulnerable to these issues.
    last seen 2019-02-21
    modified 2019-01-02
    plugin id 19987
    published 2005-10-11
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=19987
    title RHEL 4 : vixie-cron (RHSA-2005:361)
  • NASL family SuSE Local Security Checks
    NASL id SUSE_CRON-3831.NASL
    description By setting hard links to /etc/crontab users were able to prevent cron from running scheduled jobs. (CVE-2007-1856) A re-emerged symlink bug allowed users to edit the crontab of other users. (CVE-2005-1038) This is a reissue of the SLES10 update after Service Pack 1, since Service Pack 1 merge lost some of the fixes in the cron package.
    last seen 2019-02-21
    modified 2014-05-22
    plugin id 29408
    published 2007-12-13
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=29408
    title SuSE 10 Security Update : cron (ZYPP Patch Number 3831)
  • NASL family CentOS Local Security Checks
    NASL id CENTOS_RHSA-2005-361.NASL
    description An updated vixie-cron package that fixes various bugs and a security issue is now available. This update has been rated as having low security impact by the Red Hat Security Response Team. The vixie-cron package contains the Vixie version of cron. Cron is a standard UNIX daemon that runs specified programs at scheduled times. A bug was found in the way vixie-cron installs new crontab files. It is possible for a local attacker to execute the crontab command in such a way that they can view the contents of another user's crontab file. The Common Vulnerabilities and Exposures project assigned the name CVE-2005-1038 to this issue. Additionally, this update addresses the following issues:
      o Fixed improper limits on filename and command line lengths
      o Improved PAM access control conforming to EAL certification requirements
      o Improved reliability when running in a chroot environment
      o Mail recipient name checking disabled by default, can be re-enabled
      o Added '-p' 'permit all crontabs' option to disable crontab mode checking
    All users of vixie-cron should upgrade to this updated package, which contains backported patches and is not vulnerable to these issues.
    last seen 2019-02-21
    modified 2018-11-28
    plugin id 67026
    published 2013-06-29
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=67026
    title CentOS 4 : vixie-cron (CESA-2005:361)
  • NASL family SuSE Local Security Checks
    NASL id SUSE_CRON-3093.NASL
    description By setting hard links to /etc/crontab users were able to prevent cron from running scheduled jobs. (CVE-2007-1856) A re-emerged symlink bug allowed users to edit the crontab of other users. (CVE-2005-1038)
    last seen 2019-02-21
    modified 2014-05-22
    plugin id 29407
    published 2007-12-13
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=29407
    title SuSE 10 Security Update : cron (ZYPP Patch Number 3093)
oval via4
accepted 2013-04-29T04:11:32.347-04:00
class vulnerability
contributors
  • name Aharon Chernin
    organization SCAP.com, LLC
  • name Dragos Prisaca
    organization G2, Inc.
definition_extensions
  • comment The operating system installed on the system is Red Hat Enterprise Linux 3
    oval oval:org.mitre.oval:def:11782
  • comment CentOS Linux 3.x
    oval oval:org.mitre.oval:def:16651
  • comment The operating system installed on the system is Red Hat Enterprise Linux 4
    oval oval:org.mitre.oval:def:11831
  • comment CentOS Linux 4.x
    oval oval:org.mitre.oval:def:16636
  • comment Oracle Linux 4.x
    oval oval:org.mitre.oval:def:15990
description crontab in Vixie cron 4.1, when running with the -e option, allows local users to read the cron files of other users by changing the file being edited to a symlink. NOTE: there is insufficient information to know whether this is a duplicate of CVE-2001-0235.
family unix
id oval:org.mitre.oval:def:11104
status accepted
submitted 2010-07-09T03:56:16-04:00
title crontab in Vixie cron 4.1, when running with the -e option, allows local users to read the cron files of other users by changing the file being edited to a symlink. NOTE: there is insufficient information to know whether this is a duplicate of CVE-2001-0235.
version 24
redhat via4
advisories
  • bugzilla
    id 178436
    title network service interruption can cause initgroups() to delay cron job execution by more than one minute
    oval
    AND
    comment Red Hat Enterprise Linux 3 is installed
    oval oval:com.redhat.rhsa:tst:20060015001
    rhsa
    id RHSA-2006:0117
    released 2006-03-15
    severity Low
    title RHSA-2006:0117: vixie-cron security update (Low)
  • rhsa
    id RHSA-2005:361
refmap via4
bid 13024
bugtraq 20050406 crontab from vixie-cron allows read other users crontabs
confirm http://support.avaya.com/elmodocs2/security/ASA-2006-118.htm
secunia
  • 19532
  • 20666
  • 24995
sgi 20060401-01-U
suse SUSE-SR:2007:007
statements via4
contributor Mark J Cox
lastmodified 2007-03-14
organization Red Hat
statement Red Hat Enterprise Linux 5 is not vulnerable to this issue as it contains a backported patch.
Last major update 21-08-2010 - 00:27
Published 02-05-2005 - 00:00
Last modified 10-10-2017 - 21:30