RSS   Vulnerabilities for 'CRON'   RSS

2017-06-09
 
CVE-2017-9525

CWE-59
 

 
In the cron package through 3.0pl1-128 on Debian, and through 3.0pl1-128ubuntu2 on Ubuntu, the postinst maintainer script allows for group-crontab-to-root privilege escalation via symlink attacks against unsafe usage of the chown and chmod programs.

 


Copyright 2024, cxsecurity.com

 

Back to Top