Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2001-0559

Overview

Vulnerability Score 7.2 7.2
CVE Id CVE-2001-0559
Last Modified 10 Sep 2008 03:08:24
Published 14 Aug 2001 12:00:00
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector LOCAL
Access Complexity LOW
Authentication NONE

CVE-2001-0559

Summary

crontab in Vixie cron 3.0.1 and earlier does not properly drop privileges after the failed parsing of a modification operation, which could allow a local attacker to gain additional privileges when an editor is called to correct the error.

Vulnerable Systems

Application

  • Paul Vixie Vixie Cron 3.0.1


References

BID - 2687

BUGTRAQ - 20010507 Vixie cron vulnerability

MANDRAKE - MDKSA-2001:050

DEBIAN - DSA-054

XF - vixie-cron-gain-privileges(6508)

SUSE - SuSE-SA:2001:17


Last Updated: 27 May 2016 10:36:18