The vixie-cron package contains the Vixie version of cron. Cron is a
standard UNIX daemon that runs specified programs at scheduled times.
A privilege escalation flaw was found in the way Vixie Cron runs programs;
vixie-cron does not properly verify an attempt to set the current process
user id succeeded. It was possible for a malicious local users who
exhausted certain limits to execute arbitrary commands as root via cron.
(CVE-2006-2607)
All users of vixie-cron should upgrade to these updated packages, which
contain a backported patch to correct this issue.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
RedHat | any | ppc | vixie-cron | < 4.1-44.EL4 | vixie-cron-4.1-44.EL4.ppc.rpm |
RedHat | any | x86_64 | vixie-cron | < 4.1-44.EL4 | vixie-cron-4.1-44.EL4.x86_64.rpm |
RedHat | any | s390x | vixie-cron | < 4.1-44.EL4 | vixie-cron-4.1-44.EL4.s390x.rpm |
RedHat | any | i386 | vixie-cron | < 4.1-44.EL4 | vixie-cron-4.1-44.EL4.i386.rpm |
RedHat | any | ia64 | vixie-cron | < 4.1-44.EL4 | vixie-cron-4.1-44.EL4.ia64.rpm |
RedHat | any | src | vixie-cron | < 4.1-44.EL4 | vixie-cron-4.1-44.EL4.src.rpm |
RedHat | any | s390 | vixie-cron | < 4.1-44.EL4 | vixie-cron-4.1-44.EL4.s390.rpm |