The edit_cmd function in crontab.c in (1) cronie prior to 1.4.4 and (2) Vixie cron (vixie-cron) allows local users to change the modification times of arbitrary files, and consequently cause a denial of service, via a symlink attack on a temporary file in the /tmp directory.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
fedorahosted cronie |
||
paul vixie vixie cron |