Hello,
this bug report has received no additional information for eleven years
now. As Javier Fernández-Sanguino Peña considered that the security
issue was not confirmed and asked Jann Horn to describe a proof of
concept, without being replied ... I close this bug report.
Best regards,
tags 691275 moreinfo
thanks
On Tue, Oct 23, 2012 at 09:28:05PM +0200, Jann Horn wrote:
> Debian's crontab contains multiple symlink races. If
> crontab was setuid root (which I think it normally is), this could be used
> to e.g. wipe directories (vulnerable code is in cleanup_tmp_crontab) or for
Package: cron
Version: 3.0pl1-124
Severity: normal
Tags: security
Debian's crontab contains multiple symlink races. If
crontab was setuid root (which I think it normally is), this could be used
to e.g. wipe directories (vulnerable code is in cleanup_tmp_crontab) or for
other attacks. However, as i
3 matches
Mail list logo
