CVE-2007-1856
Published 2007-04-18
CVE-2007-1856: Vixie Cron before 4.1-r10 on Gentoo Linux is installed with insecure permissions, which allows local users to cause a denial of service (cron failure) by…
Priority P46 · low · 2.1 · CVSS 2.0
AV:L/AC:L/Au:N/C:N/I:N/A:P
EPSS: 0.38% (30.1th percentile)
Vixie Cron before 4.1-r10 on Gentoo Linux is installed with insecure permissions, which allows local users to cause a denial of service (cron failure) by creating hard links, which results in a failed st_nlink check in database.c.
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | cron | — | — |
| paul_vixie | vixie_cron | <= 4.1 | — |
CVSS provenance
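| Source | CVSS version | Score | Severity | Vector |
|---|---|---|---|---|
| nvd | v2.0 | 2.1 | LOW | AV:L/AC:L/Au:N/C:N/I:N/A:P |
| vendor_debian | — | 2.1 | LOW | — |
| vendor_redhat | — | 2.1 | LOW | — |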
Red Hat
crontab denial of service
vendor_redhat·2007-04-10·CVSS 2.1
CVE-2007-1856 [LOW] crontab denial of service
crontab denial of service
Vixie Cron before 4.1-r10 on Gentoo Linux is installed with insecure permissions, which allows local users to cause a denial of service (cron failure) by creating hard links, which results in a failed st_nlink check in database.c.
Debian
CVE-2007-1856: cron - Vixie Cron before 4.1-r10 on Gentoo Linux is installed with insecure permissions...
vendor_debian·2007·CVSS 2.1
CVE-2007-1856 [LOW] CVE-2007-1856: cron - Vixie Cron before 4.1-r10 on Gentoo Linux is installed with insecure permissions...
Vixie Cron before 4.1-r10 on Gentoo Linux is installed with insecure permissions, which allows local users to cause a denial of service (cron failure) by creating hard links, which results in a failed st_nlink check in database.c.
Scope: local
bookworm: resolved
bullseye: resolved
forky: resolved
sid: resolved
trixie: resolved
GHSA
GHSA-jvqr-f98w-8phq: Vixie Cron before 4
ghsa_unreviewed·2022-05-01
CVE-2007-1856 [LOW] GHSA-jvqr-f98w-8phq: Vixie Cron before 4
Vixie Cron before 4.1-r10 on Gentoo Linux is installed with insecure permissions, which allows local users to cause a denial of service (cron failure) by creating hard links, which results in a failed st_nlink check in database.c.
No detection rules found.
No public exploits indexed.
Bugzilla
CVE-2007-1856 crontab denial of service
bugzilla·2007-04-10·CVSS 2.1
CVE-2007-1856 [LOW] CVE-2007-1856 crontab denial of service
CVE-2007-1856 crontab denial of service
+++ This bug was initially created as a clone of Bug #235880 +++
Raphael Marichez of Gentoo reported a denial of service flaw in vixie-cron.
By creating a hardlink to /etc/crontab, cron will stop executing the
/etc/crontab file and deposit an error message in /var/log/cron.
This can be easily tested by running:
ln /etc/crontab /tmp/crontab
tail -f /var/log/cron
Here is the patch from Open Wall Linux:
http://cvsweb.openwall.com/cgi/cvsweb.cgi/~checkout~/Owl/packages/vixie-cron/vixie-cron-4.1.20060426-owl-st_nlink.diff?rev=1.1;content-type=text%2Fplain
This flaw also affects FC5
Discussion:
Thanks for patch. Fixed in vixie-cron-4.1-81
---
Reopening, as this is an unfixed security issue.
Marcela: please push the fixed version into FC6.
---
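An audit for the condition described in the report above, as an added example that is not part of the original bug report or of vixie-cron: it lists cron tables whose hard-link count is above 1 (the state in which the st_nlink check rejects the file) and locates the extra names so they can be removed. The function names and any path other than /etc/crontab are assumptions of this example.

```shell
#!/bin/sh
# Added example: audit cron tables for extra hard links.
# Function names and argument paths are assumptions of this example;
# only /etc/crontab is named in the bug report.

# Hard-link count of one file (second field of `ls -ld`).
link_count() {
    ls -ldn -- "$1" | awk '{ print $2 }'
}

# Print every regular file under the given paths whose link count is
# above 1. Paths that do not exist are skipped.
audit_cron_links() {
    for p in "$@"; do
        [ -e "$p" ] || continue
        find "$p" -xdev -type f -links +1 -print
    done
}

# Print the other names of flagged file $1 found under search root $2.
# Hard links cannot cross filesystems, so $2 must be on the same mount
# as $1; pass $1 as an absolute path so it can be excluded from the output.
other_names() {
    inode=$(ls -di -- "$1" | awk '{ print $1 }')
    find "$2" -xdev -inum "$inode" ! -path "$1" -print 2>/dev/null
}

# Linux hard-link restriction: 1 means users may only hard-link files
# they own or can read and write; 0 means no restriction.
protected_hardlinks() {
    cat /proc/sys/fs/protected_hardlinks 2>/dev/null || echo unknown
}

# Usage: sh audit.sh /etc/crontab [more cron paths...]
if [ "$#" -gt 0 ]; then
    echo "fs.protected_hardlinks: $(protected_hardlinks)"
    audit_cron_links "$@" | while IFS= read -r f; do
        echo "$f has $(link_count "$f") links"
    done
fi
```

For each flagged file, `other_names <file> <mount point>` shows where the extra link lives; removing that name returns the link count to 1.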
Bugzilla
CVE-2007-1856 crontab denial of service
bugzilla·2007-04-10·CVSS 2.1
CVE-2007-1856 [LOW] CVE-2007-1856 crontab denial of service
CVE-2007-1856 crontab denial of service
Raphael Marichez of Gentoo reported a denial of service flaw in vixie-cron.
By creating a hardlink to /etc/crontab, cron will stop executing the
/etc/crontab file and deposit an error message in /var/log/cron.
This can be easily tested by running:
ln /etc/crontab /tmp/crontab
tail -f /var/log/cron
Here is the patch from Open Wall Linux:
http://cvsweb.openwall.com/cgi/cvsweb.cgi/~checkout~/Owl/packages/vixie-cron/vixie-cron-4.1.20060426-owl-st_nlink.diff?rev=1.1;content-type=text%2Fplain
This flaw also affects RHEL 3 and 4.
Discussion:
This request was evaluated by Red Hat Product Management for inclusion in a Red
Hat Enterprise Linux maintenance release. Product Management has requested
further review of this request by Red Hat Engineering, f
http://lists.grok.org.uk/pipermail/full-disclosure/2007-September/065902.html
http://rhn.redhat.com/errata/RHSA-2007-0345.html
http://secunia.com/advisories/24905
http://secunia.com/advisories/24995
http://secunia.com/advisories/25321
http://secunia.com/advisories/25723
http://secunia.com/advisories/26909
http://secunia.com/advisories/27706
http://secunia.com/advisories/27886
http://security.gentoo.org/glsa/glsa-200704-11.xml
http://support.avaya.com/elmodocs2/security/ASA-2007-261.htm
http://www.mandriva.com/security/advisories?name=MDKSA-2007:234
http://www.novell.com/linux/security/advisories/2007_007_suse.html
http://www.securityfocus.com/bid/23520
http://www.securitytracker.com/id?1018081
http://www.vupen.com/english/advisories/2007/3229
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11463
2007-04-18
Published