7.2
CVE-2006-2607
- EPSS 0.04%
- Published 25.05.2006 20:02:00
- Last modified 03.04.2025 01:03:51
- Source cve@mitre.org
- Teams watchlist Login
- Open Login
do_command.c in Vixie cron (vixie-cron) 4.1 does not check the return code of a setuid call, which might allow local users to gain root privileges if setuid fails in cases such as PAM failures or resource limits, as originally demonstrated by a program that exceeds the process limits as defined in /etc/security/limits.conf.
Data is provided by the National Vulnerability Database (NVD)
Paul Vixie ≫ Vixie Cron Version4.1
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
| Type | Source | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.04% | 0.102 |
| Source | Base Score | Exploit Score | Impact Score | Vector string |
|---|---|---|---|---|
| nvd@nist.gov | 7.2 | 3.9 | 10 |
AV:L/AC:L/Au:N/C:C/I:C/A:C
|