Published: 12/03/2019 Updated: 07/11/2023

CVSS v2 Base Score: 2.1 | Impact Score: 2.9 | Exploitability Score: 3.9

CVSS v3 Base Score: 5.5 | Impact Score: 3.6 | Exploitability Score: 1.8

VMScore: 187

Vector: AV:L/AC:L/Au:N/C:N/I:N/A:P

It exists that the postinst maintainer script in Cron unsafely handled file permissions during package install or update operations. An attacker could possibly use this issue to perform a privilege escalation attack. (CVE-2017-9525)

Vulnerable Product	Search on Vulmon	Subscribe to Product
cron project cron
debian debian linux 8.0
debian debian linux 9.0
fedoraproject fedora 29

Several security issues were fixed in Cron ...

USN-5259-1 and USN-5259-2 introduced a regression in Cron ...

Several security issues were fixed in Cron ...

Impact: Low Public Date: 2019-03-08 CWE: CWE-400 Bugzilla: 1687694: CVE-2019-9705 vixie-cron: dos(memor ...

Cronie cron daemon project

Cronie Cronie contains the standard UNIX daemon crond that runs specified programs at scheduled times and related tools The source is based on the original vixie-cron and has security and configuration enhancements like the ability to use pam and SELinux And why cronie? [wwwurbandictionarycom/definephp?term=cronie] Download Latest released version is 171 User vis

CWE-770 https://salsa.debian.org/debian/cron/commit/26814a26 http://www.securityfocus.com/bid/107378 https://lists.debian.org/debian-lts-announce/2019/03/msg00025.html https://lists.debian.org/debian-lts-announce/2021/10/msg00029.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6DU7HAUAQR4E4AEBPYLUV6FZ4PHKH6A2/https://nvd.nist.gov https://ubuntu.com/security/notices/USN-5259-2

CVE-2019-9705

Vulnerability Summary

Vulnerability Trend

Vendor Advisories

Github Repositories

References

Vulmon Search

About

Products

Connect