Paul Vixie

Vixie Cron

10 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
  • EPSS 0.35%
  • Veröffentlicht 25.02.2010 19:30:00
  • Zuletzt bearbeitet 16.06.2026 23:16:08

The edit_cmd function in crontab.c in (1) cronie before 1.4.4 and (2) Vixie cron (vixie-cron) allows local users to change the modification times of arbitrary files, and consequently cause a denial of service, via a symlink attack on a temporary file...

  • EPSS 0.38%
  • Veröffentlicht 18.04.2007 03:19:00
  • Zuletzt bearbeitet 16.06.2026 22:38:25

Vixie Cron before 4.1-r10 on Gentoo Linux is installed with insecure permissions, which allows local users to cause a denial of service (cron failure) by creating hard links, which results in a failed st_nlink check in database.c.

Exploit
  • EPSS 0.57%
  • Veröffentlicht 25.05.2006 20:02:00
  • Zuletzt bearbeitet 16.06.2026 22:25:23

do_command.c in Vixie cron (vixie-cron) 4.1 does not check the return code of a setuid call, which might allow local users to gain root privileges if setuid fails in cases such as PAM failures or resource limits, as originally demonstrated by a progr...

Exploit
  • EPSS 0.54%
  • Veröffentlicht 02.05.2005 04:00:00
  • Zuletzt bearbeitet 16.06.2026 22:12:19

crontab in Vixie cron 4.1, when running with the -e option, allows local users to read the cron files of other users by changing the file being edited to a symlink. NOTE: there is insufficient information to know whether this is a duplicate of CVE-2...

Exploit
  • EPSS 0.51%
  • Veröffentlicht 22.08.2001 04:00:00
  • Zuletzt bearbeitet 16.06.2026 21:54:32

Buffer overflow in Vixie cron 3.0.1-56 and earlier could allow a local attacker to gain additional privileges via a long username (> 20 characters).

Exploit
  • EPSS 1.1%
  • Veröffentlicht 14.08.2001 04:00:00
  • Zuletzt bearbeitet 16.06.2026 21:54:32

crontab in Vixie cron 3.0.1 and earlier does not properly drop privileges after the failed parsing of a modification operation, which could allow a local attacker to gain additional privileges when an editor is called to correct the error.

Exploit
  • EPSS 0.79%
  • Veröffentlicht 09.01.2001 05:00:00
  • Zuletzt bearbeitet 16.06.2026 21:53:08

crontab by Paul Vixie uses predictable file names for a temporary file and does not properly ensure that the file is owned by the user executing the crontab -e command, which allows local users with write access to the crontab spool directory to exec...

  • EPSS 0.8%
  • Veröffentlicht 25.08.1999 04:00:00
  • Zuletzt bearbeitet 16.06.2026 21:49:01

Vixie Cron on Linux systems allows local users to set parameters of sendmail commands via the MAILTO environmental variable.

  • EPSS 0.36%
  • Veröffentlicht 25.08.1999 04:00:00
  • Zuletzt bearbeitet 16.06.2026 21:49:13

Buffer overflow in Vixie cron allows local users to gain root access via a long MAILTO environment variable in a crontab file.

  • EPSS 0.4%
  • Veröffentlicht 12.12.1996 05:00:00
  • Zuletzt bearbeitet 16.06.2026 21:48:05

Buffer overflow in Vixie Cron library up to version 3.0 allows local users to obtain root access via a long environmental variable.