Vulnerabilities > Paul Vixie > Vixie Cron > 4.1
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2006-05-25 | CVE-2006-2607 | Local Privilege Escalation vulnerability in Paul Vixie Cron 4.1 do_command.c in Vixie cron (vixie-cron) 4.1 does not check the return code of a setuid call, which might allow local users to gain root privileges if setuid fails in cases such as PAM failures or resource limits, as originally demonstrated by a program that exceeds the process limits as defined in /etc/security/limits.conf. | 7.2 |
2005-05-02 | CVE-2005-1038 | crontab in Vixie cron 4.1, when running with the -e option, allows local users to read the cron files of other users by changing the file being edited to a symlink. | 2.1 |