Vixie Cron crontab Privilege Lowering Failure Vulnerability

Vixie cron is an implementation of the popular UNIX program that runs user-specified programs at periodic scheduled times.

When a parsing error occurs after a modification operation, crontab will fail to drop privileges correctly for subsequent modification operations.

This vulnerability may be exploited to gain root privileges locally.


 

Privacy Statement
Copyright 2010, SecurityFocus