Debian: 'cron' vulnerability
Posted by LinuxSecurity.com Team
The version of Vixie Cron shipped with Debian GNU/Linux 2.2 is vulnerable to a local attack, discovered by Michal Zalewski.

----------------------------------------------------------------------------
Debian Security Advisory                                 security@debian.org 
http://www.debian.org/security/                            Daniel Jacobowitz
November 17, 2000
----------------------------------------------------------------------------

Package: cron
Vulnerability: local privilege escalation
Debian-specific: no
Vulnerable: yes

The version of Vixie Cron shipped with Debian GNU/Linux 2.2 is vulnerable to
a local attack, discovered by Michal Zalewski.  Several problems, including
insecure permissions on temporary files and race conditions in their
deletion, allowed attacks ranging from a denial of service (preventing the
editing of crontabs) to an escalation of privilege (when another user edited
their crontab).

As a temporary fix, "chmod go-rx /var/spool/cron/crontabs" prevents the only
available exploit; however, it does not address the problem.  We recommend
upgrading to version 3.0pl1-57.1, for Debian 2.2, or 3.0pl1-61, for Debian
unstable.
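The interim workaround above can be applied and then verified rather than taken on trust. The script below is an added example, not part of the Debian advisory: it takes the spool directory as a parameter so it can be exercised on a scratch directory (the real one is /var/spool/cron/crontabs), assumes GNU coreutils for `stat -c '%a'`, and the mode 1730 it starts from is a constructed sample, not a claim about Debian's shipped layout.

```shell
#!/bin/sh
# Added example (not from the Debian advisory): apply the advisory's interim
# workaround, "chmod go-rx", to a crontab spool directory and verify the result.
# Assumes GNU coreutils (stat -c). The directory is a parameter so the script
# can be tried on a scratch directory instead of /var/spool/cron/crontabs.

# Octal mode of a path, e.g. "1730" (special bits appear as a leading digit).
spool_mode() {
    stat -c '%a' "$1"
}

# Return 0 if neither group nor other can read or search the directory,
# which is the state "chmod go-rx" leaves behind; 1 otherwise.
# A leading fourth digit (setuid/setgid/sticky) does not affect the check.
spool_is_restricted() {
    val=$(( 0$(spool_mode "$1") ))   # leading 0 = octal in sh arithmetic
    group=$(( (val / 8) % 8 ))
    other=$(( val % 8 ))
    [ $(( group & 5 )) -eq 0 ] && [ $(( other & 5 )) -eq 0 ]   # r=4, x=1
}

# The advisory's workaround: drop read and search for group and other.
harden_spool() {
    chmod go-rx "$1"
}

# Constructed demonstration on a scratch directory: start from mode 1730
# (rwx owner, wx group, sticky bit; a sample value), harden it, and confirm
# the check flips from "not restricted" to "restricted" (mode becomes 1720).
demo() {
    d=$(mktemp -d) || return 1
    chmod 1730 "$d"
    if spool_is_restricted "$d"; then
        echo "unexpected: scratch spool already restricted" >&2
        rm -rf "$d"; return 1
    fi
    harden_spool "$d"
    if ! spool_is_restricted "$d"; then
        echo "unexpected: hardening did not take effect" >&2
        rm -rf "$d"; return 1
    fi
    echo "spool hardened: mode $(spool_mode "$d")"
    rm -rf "$d"
}

demo
```

Running `spool_is_restricted /var/spool/cron/crontabs` on a real host is a cheap compliance check to keep in place until the upgraded package is installed; the workaround only removes the one known avenue, as the advisory itself says, so it is a stopgap, not the fix.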

Also, in the new cron packages, it is no longer possible to specify special
files (devices, named pipes, etc.) by name to crontab.  Note that this is
not so much a security fix as a sanity check.

Debian GNU/Linux 2.1 alias slink
--------------------------------

  Slink is no longer being supported by the Debian Security Team.  We highly
  recommend an upgrade to the current stable release.

Debian GNU/Linux 2.2 (stable) alias potato
------------------------------------------

  Fixes are currently available for the Alpha, ARM, Intel ia32, Motorola 680x0,
  PowerPC and Sun SPARC architectures, and will be included in 2.2r2.

  Source archives:
    http://security.debian.org/dists/potato/updates/main/source/cron_3.0pl1-57.1.diff.gz
      MD5 checksum: 4fac4be2841908090d1c877a65cf5ef9
    http://security.debian.org/dists/potato/updates/main/source/cron_3.0pl1-57.1.dsc
      MD5 checksum: caed3f1556203618544eec823347df30
    http://security.debian.org/dists/potato/updates/main/source/cron_3.0pl1.orig.tar.gz
      MD5 checksum: 4c64aece846f8483daf440f8e3dd210f

  Alpha architecture:
    http://security.debian.org/dists/potato/updates/main/binary-alpha/cron_3.0pl1-57.1_alpha.deb
      MD5 checksum: 3b146f5227182343d3b20cf8fce8a86c

  ARM architecture:
    http://security.debian.org/dists/potato/updates/main/binary-arm/cron_3.0pl1-57.1_arm.deb
      MD5 checksum: 559e80e83abf371a8d09759ee900daf5

  Intel IA32 architecture:
    http://security.debian.org/dists/potato/updates/main/binary-arm/cron_3.0pl1-57.1_i386.deb
      MD5 checksum: 922bb72b07a05fb888771364697f52e1

  Motorola 680x0 architecture:
    http://security.debian.org/dists/potato/updates/main/binary-m68k/cron_3.0pl1-57.1_m68k.deb
      MD5 checksum: 2e0d8152ec03a66bb88ba84215fe4de3

  PowerPC architecture:
    http://security.debian.org/dists/potato/updates/main/binary-powerpc/cron_3.0pl1-57.1_powerpc.deb
      MD5 checksum: 16ad8c4a26436239e7a25260340be6d5

  Sun Sparc architecture:
    http://security.debian.org/dists/potato/updates/main/binary-sparc/cron_3.0pl1-57.1_sparc.deb
      MD5 checksum: 2bd401a635eedc47e9f6dd1652f71e35
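The checksum list above is meant to be compared against the downloaded files before anything is installed. The following script is an added example and not part of the advisory: it parses pairs of URL and `MD5 checksum:` lines in the layout the advisory uses into `md5sum -c` input (GNU coreutils assumed) and runs the check inside the download directory. The excerpt and package files in its demonstration are constructed, so the hashes are those of the string "hello\n" and of an empty file, not of the real cron archives; the hostname example.invalid is a placeholder.

```shell
#!/bin/sh
# Added example, not part of the Debian advisory: turn the advisory's
# "URL" / "MD5 checksum: HEX" pairs into md5sum -c input and check the
# downloaded files against it before installing them. Assumes GNU md5sum.

# Emit "HEX  basename" lines (md5sum -c format) from an advisory text file.
# A URL line is paired with the "MD5 checksum:" line that follows it;
# leading whitespace on either line is tolerated.
advisory_to_md5sums() {
    awk '
        /^[ \t]*http/   { n = split($1, p, "/"); name = p[n] }
        /MD5 checksum:/ { if (name != "") print $3 "  " name; name = "" }
    ' "$1"
}

# Check every file named in LIST (md5sum -c format) inside DIR.
# Returns 0 only if every listed file is present and its digest matches;
# a missing file is reported by md5sum as "FAILED open or read".
verify_downloads() {
    dir=$1
    list=$2
    ( cd "$dir" && md5sum -c --quiet "$list" )
}

# Constructed demonstration: a two-entry excerpt in the advisory's layout and
# a download directory holding one intact file and one tampered file.
# Hashes are md5("hello\n") and md5(""), not those of real packages;
# example.invalid is a placeholder host.
demo() {
    work=$(mktemp -d) || return 1
    cat > "$work/advisory.txt" <<'EOF'
  Source archives:
    
http://example.invalid/dists/potato/updates/main/source/cron_example.diff.gz
      MD5 checksum: b1946ac92492d2347c6235b4d2611184
    
http://example.invalid/dists/potato/updates/main/source/cron_example.dsc
      MD5 checksum: d41d8cd98f00b204e9800998ecf8427e
EOF
    mkdir "$work/dl"
    printf 'hello\n' > "$work/dl/cron_example.diff.gz"   # intact
    printf 'extra\n' > "$work/dl/cron_example.dsc"       # tampered (should be empty)
    advisory_to_md5sums "$work/advisory.txt" > "$work/SUMS"
    if verify_downloads "$work/dl" "$work/SUMS"; then
        echo "unexpected: tampered file passed verification" >&2
        rm -rf "$work"; return 1
    fi
    : > "$work/dl/cron_example.dsc"                      # restore the good copy
    verify_downloads "$work/dl" "$work/SUMS" && echo "all downloads verified"
    rc=$?
    rm -rf "$work"
    return $rc
}

demo
```

In practice the advisory text is saved to a file, `advisory_to_md5sums advisory.txt > SUMS` is run once, and `verify_downloads ./downloads SUMS` gates the `dpkg -i` step; the check fails closed on a missing file as well as on a mismatching one.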

Debian GNU/Linux Unstable alias woody
-------------------------------------

  This version of Debian is not yet released.

  Fixes will be made available for Alpha, ARM, Intel ia32, Motorola 680x0,
  PowerPC, and SPARC in the Debian archive over the next several days.

----------------------------------------------------------------------------
For apt-get: deb  http://security.debian.org/ stable/updates main
Mailing list: debian-security-announce@lists.debian.org

