Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cveRedhatCVE-2010-0424
HistoryFeb 25, 2010 - 7:30 p.m.

CVE-2010-0424

2010-02-2519:30:00
CWE-59
redhat
web.nvd.nist.gov
58
cve-2010-0424
crontab.c
cronie
vixie cron
symlink attack
denial of service
nvd

CVSS2

3.3

Attack Vector

LOCAL

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:M/Au:N/C:N/I:P/A:P

AI Score

7.2

Confidence

High

EPSS

0

Percentile

5.1%

JSON

The edit_cmd function in crontab.c in (1) cronie before 1.4.4 and (2) Vixie cron (vixie-cron) allows local users to change the modification times of arbitrary files, and consequently cause a denial of service, via a symlink attack on a temporary file in the /tmp directory.

Affected configurations

Nvd
Node
fedorahostedcronieRange1.4.3
OR
paul_vixievixie_cron
VendorProductVersionCPE
fedorahostedcronie*cpe:2.3:a:fedorahosted:cronie:*:*:*:*:*:*:*:*
paul_vixievixie_cron*cpe:2.3:a:paul_vixie:vixie_cron:*:*:*:*:*:*:*:*

Related

nessus 15
openvas 8
veracode 1
gentoo 1
debiancve 1
prion 1
fedora 3
ubuntucve 1
oraclelinux 1
cvelist 1
redhat 2
nvd 1
osv 1
nessus
nessus
SuSE 11 Security Update : cron (SAT Patch Number 2027)
2010-03-19 00:00:00
openSUSE Security Update : cron (cron-2026)
2010-03-19 00:00:00
Oracle Linux 5 : vixie-cron (ELSA-2012-0304)
2013-07-12 00:00:00
openvas
openvas
RedHat Update for vixie-cron RHSA-2012:0304-03
2012-02-21 00:00:00
RedHat Update for vixie-cron RHSA-2012:0304-03
2012-02-21 00:00:00
Oracle: Security Advisory (ELSA-2012-0304)
2015-10-06 00:00:00
veracode
veracode
Denial Of Service (DoS)
2020-04-10 01:10:19
gentoo
gentoo
Vixie cron: Denial of service
2013-11-07 00:00:00
debiancve
debiancve
CVE-2010-0424
2010-02-25 19:30:00
prion
prion
Directory traversal
2010-02-25 19:30:00
fedora
fedora
[SECURITY] Fedora 12 Update: cronie-1.4.3-4.fc12
2010-02-24 06:12:41
[SECURITY] Fedora 11 Update: cronie-1.3-4.fc11
2010-03-16 00:42:42
[SECURITY] Fedora 13 Update: cronie-1.4.4-1.fc13
2010-03-05 03:33:16
ubuntucve
ubuntucve
CVE-2010-0424
2010-02-25 00:00:00
oraclelinux
oraclelinux
vixie-cron security, bug fix, and enhancement update
2012-03-01 00:00:00
cvelist
cvelist
CVE-2010-0424
2010-02-25 19:00:00
redhat
redhat
(RHSA-2012:0304) Low: vixie-cron security, bug fix, and enhancement update
2012-02-21 00:00:00
(RHSA-2012:0168) Important: rhev-hypervisor5 security and bug fix update
2012-02-21 00:00:00
nvd
nvd
CVE-2010-0424
2010-02-25 19:30:00
osv
osv
cron-4.2-65.4 on GA media
2024-06-15 00:00:00

CVSS2

3.3

Attack Vector

LOCAL

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:M/Au:N/C:N/I:P/A:P

AI Score

7.2

Confidence

High

EPSS

0

Percentile

5.1%

JSON
Related for CVE-2010-0424
nessus15openvas8veracode1gentoo1debiancve1prion1fedora3ubuntucve1oraclelinux1cvelist1redhat2nvd1osv1