Vulnerability in Gentoo Linux
CVE-2007-1856
Vixie Cron before 4.1-r10 on Gentoo Linux is installed with insecure permissions, which allows local users to cause a denial of service (cron failure) by creating hard links, which results in a failed st_nlink check in database.c.
EPSS: 0.004 (29.9th percentile) — read the EPSS interpretation.
Affected products
- Gentoo Linux
- Paul_vixie Vixie_cron
- N/a — versions n/a
References
- secalert@redhat.com (mailing-list, x_refsource_FULLDISC)
- secalert@redhat.com (x_refsource_SECUNIA, third-party-advisory)
- secalert@redhat.com (vdb-entry, x_refsource_VUPEN)
- secalert@redhat.com (vendor-advisory, x_refsource_SUSE)
- secalert@redhat.com (vdb-entry, x_refsource_SECTRACK)
- secalert@redhat.com (x_refsource_SECUNIA, third-party-advisory)
- secalert@redhat.com (x_refsource_CONFIRM)
- secalert@redhat.com (vendor-advisory, x_refsource_GENTOO)
- secalert@redhat.com (x_refsource_SECUNIA, third-party-advisory)
- secalert@redhat.com (x_refsource_OVAL, signature, vdb-entry)