CVE-2007-1856

7 documents6 sources

Severity

2.1LOW

EPSS

0.1%

top 77.26%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Paul Vixie Vixie Cron

Timeline

PublishedApr 18

Latest updateMay 1

Description

Vixie Cron before 4.1-r10 on Gentoo Linux is installed with insecure permissions, which allows local users to cause a denial of service (cron failure) by creating hard links, which results in a failed st_nlink check in database.c.

CVSS vector

AV:L/AC:L/C:N/I:N/A:PExploitability: 3.9 | Impact: 2.9

Affected Packages1 packages

▶NVDpaul_vixie/vixie_cron4.1

🔴Vulnerability Details

GHSA

GHSA-jvqr-f98w-8phq: Vixie Cron before 4↗2022-05-01

▶

CVEList

CVE-2007-1856: Vixie Cron before 4↗2007-04-18

▶

📋Vendor Advisories

Red Hat

crontab denial of service↗2007-04-10

▶

Debian

CVE-2007-1856: cron - Vixie Cron before 4.1-r10 on Gentoo Linux is installed with insecure permissions...↗2007

▶

💬Community

Bugzilla

CVE-2007-1856 crontab denial of service↗2007-04-10

▶

Bugzilla

CVE-2007-1856 crontab denial of service↗2007-04-10

▶