[Forgot Password]
Login  Register Subscribe

30389

 
 

423868

 
 

244411

 
 

909

 
 

193363

 
 

277

Paid content will be excluded from the download.


Download | Alert*
OVAL

Privilege escalation vulnerability in cron - CVE-2017-9525

Deprecated
ID: oval:org.secpod.oval:def:44755Date: (C)2018-03-21   (M)2023-12-20
Class: VULNERABILITYFamily: unix




In the cron package through 3.0pl1-128 on Debian, the postinst maintainer script allows for group-crontab-to-root privilege escalation via symlink attacks against unsafe usage of the chown and chmod programs.

Platform:
Debian 7
Debian 8
Debian 9
Product:
cron
Reference:
CVE-2017-9525
CVE    1
CVE-2017-9525
CPE    4
cpe:/o:debian:debian_linux:7.x
cpe:/o:debian:debian_linux:8.x
cpe:/a:isc:cron
cpe:/o:debian:debian_linux:9.x
...

© SecPod Technologies