Search 219043 CVE descriptions
and 99761 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:
Category:Red Hat Local Security Checks
Title:RedHat Security Advisory RHSA-2006:0117

The remote host is missing updates announced in
advisory RHSA-2006:0117.

The vixie-cron package contains the Vixie version of cron. Cron is a
standard UNIX daemon that runs specified programs at scheduled times.

A bug was found in the way vixie-cron installs new crontab files. It is
possible for a local attacker to execute the crontab command in such a way
that they can view the contents of another user's crontab file. The Common
Vulnerabilities and Exposures project assigned the name CVE-2005-1038 to
this issue.

This update also fixes an issue where cron jobs could start before their
scheduled time.

All users of vixie-cron should upgrade to this updated package, which
contains backported patches and is not vulnerable to these issues.

Please note that this update is available via
Red Hat Network. To use Red Hat Network, launch the Red
Hat Update Agent with the following command: up2date

Risk factor : Medium

CVSS Score:

Cross-Ref: BugTraq ID: 13024
Common Vulnerability Exposure (CVE) ID: CVE-2005-1038
Bugtraq: 20050406 crontab from vixie-cron allows read other users crontabs (Google Search)
SGI Security Advisory: 20060401-01-U
SuSE Security Announcement: SUSE-SR:2007:007 (Google Search)
CopyrightCopyright (c) 2006 E-Soft Inc.

This is only one of 99761 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.

© 1998-2021 E-Soft Inc. All rights reserved.