- Home
- CVEs with nessus.description==The remote host is affected by the vulnerability described in GLSA-200704-11 (Vixie Cron: Denial of Service)
During an internal audit, Raphael Marichez of the Gentoo Linux Security Team found that Vixie Cron has weak permissions set on Gentoo, allowing for a local user to create hard links to system and users cron files, while a st_nlink check in database.c will generate a superfluous error.
Impact :
Depending on the partitioning scheme and the 'cron' group membership, a malicious local user can create hard links to system or users cron files that will trigger the st_link safety check and prevent the targeted cron file from being run from the next restart or database reload.
Workaround :
There is no known workaround at this time.
Max CVSS | 0 |
Min CVSS | 0 |
Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published |
Back to Top
Mark selected
Back to Top