Vixie Cron

vixie_cron

Vendor: Paul Vixie • 10 CVEs

CVEs (10)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2010-0424 2Fedorahosted Paul Vixie 2Cronie Vixie Cron Apr 29, 2026 Feb 25, 2010 N/A· v4 N/A· v3 3.3 LOW· v2 The edit_cmd function in crontab.c in (1) cronie before 1.4.4 and (2) Vixie cron (vixie-cron) allows local users to change the modification times of arbitrary files, and consequently cause a denial of service, via a syml...Show more The edit_cmd function in crontab.c in (1) cronie before 1.4.4 and (2) Vixie cron (vixie-cron) allows local users to change the modification times of arbitrary files, and consequently cause a denial of service, via a symlink attack on a temporary file in the /tmp directory.Show less
CVE-2007-1856 1Paul Vixie 1Vixie Cron Apr 23, 2026 Apr 18, 2007 N/A· v4 N/A· v3 2.1 LOW· v2 Vixie Cron before 4.1-r10 on Gentoo Linux is installed with insecure permissions, which allows local users to cause a denial of service (cron failure) by creating hard links, which results in a failed st_nlink check in d...Show more Vixie Cron before 4.1-r10 on Gentoo Linux is installed with insecure permissions, which allows local users to cause a denial of service (cron failure) by creating hard links, which results in a failed st_nlink check in database.c.Show less
CVE-2006-2607 1Paul Vixie 1Vixie Cron Apr 16, 2026 May 25, 2006 N/A· v4 N/A· v3 7.2 HIGH· v2 do_command.c in Vixie cron (vixie-cron) 4.1 does not check the return code of a setuid call, which might allow local users to gain root privileges if setuid fails in cases such as PAM failures or resource limits, as orig...Show more do_command.c in Vixie cron (vixie-cron) 4.1 does not check the return code of a setuid call, which might allow local users to gain root privileges if setuid fails in cases such as PAM failures or resource limits, as originally demonstrated by a program that exceeds the process limits as defined in /etc/security/limits.conf.Show less
CVE-2005-1038 2Paul Vixie Redhat 2Enterprise Linux Vixie Cron Apr 16, 2026 May 2, 2005 N/A· v4 N/A· v3 2.1 LOW· v2 crontab in Vixie cron 4.1, when running with the -e option, allows local users to read the cron files of other users by changing the file being edited to a symlink. NOTE: there is insufficient information to know whethe...Show more crontab in Vixie cron 4.1, when running with the -e option, allows local users to read the cron files of other users by changing the file being edited to a symlink. NOTE: there is insufficient information to know whether this is a duplicate of CVE-2001-0235.Show less
CVE-2001-0560 1Paul Vixie 1Vixie Cron Apr 16, 2026 Aug 22, 2001 N/A· v4 N/A· v3 4.6 MEDIUM· v2 Buffer overflow in Vixie cron 3.0.1-56 and earlier could allow a local attacker to gain additional privileges via a long username (> 20 characters).
CVE-2001-0559 1Paul Vixie 1Vixie Cron Apr 16, 2026 Aug 14, 2001 N/A· v4 N/A· v3 7.2 HIGH· v2 crontab in Vixie cron 3.0.1 and earlier does not properly drop privileges after the failed parsing of a modification operation, which could allow a local attacker to gain additional privileges when an editor is called to...Show more crontab in Vixie cron 3.0.1 and earlier does not properly drop privileges after the failed parsing of a modification operation, which could allow a local attacker to gain additional privileges when an editor is called to correct the error.Show less
CVE-2000-1096 1Paul Vixie 1Vixie Cron Apr 16, 2026 Jan 9, 2001 N/A· v4 N/A· v3 3.7 LOW· v2 crontab by Paul Vixie uses predictable file names for a temporary file and does not properly ensure that the file is owned by the user executing the crontab -e command, which allows local users with write access to the c...Show more crontab by Paul Vixie uses predictable file names for a temporary file and does not properly ensure that the file is owned by the user executing the crontab -e command, which allows local users with write access to the crontab spool directory to execute arbitrary commands by creating world-writeable temporary files and modifying them while the victim is editing the file.Show less
CVE-1999-0872 4Caldera DebianPaul Vixie+1 more 4Debian Linux LinuxOpenlinux+1 more Apr 16, 2026 Aug 25, 1999 N/A· v4 N/A· v3 7.2 HIGH· v2 Buffer overflow in Vixie cron allows local users to gain root access via a long MAILTO environment variable in a crontab file.
CVE-1999-0769 4Caldera DebianPaul Vixie+1 more 4Debian Linux LinuxOpenlinux+1 more Apr 16, 2026 Aug 25, 1999 N/A· v4 N/A· v3 7.2 HIGH· v2 Vixie Cron on Linux systems allows local users to set parameters of sendmail commands via the MAILTO environmental variable.
CVE-1999-0297 5Bsdi FreebsdNetbsd+2 more 5Bsd Os FreebsdLinux+2 more Apr 16, 2026 Dec 12, 1996 N/A· v4 N/A· v3 7.2 HIGH· v2 Buffer overflow in Vixie Cron library up to version 3.0 allows local users to obtain root access via a long environmental variable.