drucken bookmarks versenden konfigurieren admin pdf Sicherheit: Mangelnde Rechteprüfung in vixie-cron
Name: |
Mangelnde Rechteprüfung in vixie-cron |
|
ID: |
TLSA-2006-21 |
|
Distribution: |
TurboLinux |
|
Plattformen: |
Turbolinux FUJI, Turbolinux 10 Server, Turbolinux 10 Server x64 Edition, Turbolinux Appliance Server 2.0, Turbolinux 10 Desktop, Turbolinux 10 F..., Turbolinux 7 Server, Turbolinux 8 Server, Turbolinux Home, Turbolinux Multimedia, Turbolinux Personal, Turbolinux Appliance Server 1.0 Hosting Edition, Turbolinux Appliance Server 1.0 Workgroup Edition |
|
Datum: |
Sa, 12. August 2006, 03:50 |
|
Referenzen: |
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2607 |
|
Applikationen: |
vixie-cron |
|
Originalnachricht |
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
-------------------------------------------------------------------------- Turbolinux Security Advisory TLSA-2006-21 http://www.turbolinux.co.jp/security/ security-team@turbolinux.co.jp --------------------------------------------------------------------------
Original released date: 11 Aug 2006 Last revised: 11 Aug 2006
Package: vixie-cron
Summary: Setuid return value check problem
More information: The vixie-cron package contains the Vixie version of cron. Cron is a standard UNIX daemon that runs specified programs at scheduled times.
Vixie cron does not check the return code of a setuid call.
Impact: This vulnerability may allow local users to obtain root privileges.
Affected Products: - Turbolinux Appliance Server 2.0 - Turbolinux FUJI - Turbolinux 10 Server x64 Edition - Turbolinux Appliance Server 1.0 Hosting Edition - Turbolinux Appliance Server 1.0 Workgroup Edition - Turbolinux 10 Server - Turbolinux Home - Turbolinux 10 F... - Turbolinux 10 Desktop - Turbolinux Multimedia - Turbolinux Personal - Turbolinux 8 Server - Turbolinux 7 Server
<Turbolinux Appliance Server 2.0>
Source Packages Size: MD5
vixie-cron-3.0.1-70.src.rpm 93722 e4cdd4019adfbdccc2b8205c5ce81334
Binary Packages Size: MD5
vixie-cron-3.0.1-70.i586.rpm 85246 387792ff13908e04c4fb0fca8f3f5304
<Turbolinux FUJI>
Source Packages Size: MD5
Binary Packages Size: MD5
vixie-cron-3.0.1-70.i686.rpm 56150 0d86cd54a087509673aaaa0ade939a50
<Turbolinux 10 Server x64 Edition>
Source Packages Size: MD5
vixie-cron-3.0.1-70.src.rpm 93722 cb5cdfe83851bb9daee156f4315286e9
Binary Packages Size: MD5
vixie-cron-3.0.1-70.x86_64.rpm 87632 9db011c1d84e647d4f420fcbc6426ac4
<Turbolinux Appliance Server 1.0 Hosting Edition>
Source Packages Size: MD5
vixie-cron-3.0.1-70.src.rpm 93722 33aa15ebce2e355112b94cd3958ff130
Binary Packages Size: MD5
vixie-cron-3.0.1-70.i586.rpm 57186 895c1f4ffef87702b9f6e3d1a3007ed9
<Turbolinux Appliance Server 1.0 Workgroup Edition>
Source Packages Size: MD5
vixie-cron-3.0.1-70.src.rpm 93722 422db1e71b35e01af1f785f8fef25573
Binary Packages Size: MD5
vixie-cron-3.0.1-70.i586.rpm 57390 a88a4b6f4a9c206f1964522f8dc731bc
<Turbolinux 10 Server>
Source Packages Size: MD5
vixie-cron-3.0.1-70.src.rpm 93722 9843d1f1d6c0f67c47ea03a67241f5d4
Binary Packages Size: MD5
vixie-cron-3.0.1-70.i586.rpm 85246 387792ff13908e04c4fb0fca8f3f5304
<Turbolinux 10 Desktop, Turbolinux 10 F..., Turbolinux Home, Turbolinux Multimedia, Turbolinux Personal>
Source Packages Size: MD5
vixie-cron-3.0.1-70.src.rpm 93722 4d8597dc2a4571b96ca797c630df4fbe
Binary Packages Size: MD5
vixie-cron-3.0.1-70.i586.rpm 85125 f0ea05bc558d698f0467f3be4e1e18b8
<Turbolinux 8 Server>
Source Packages Size: MD5
vixie-cron-3.0.1-70.src.rpm 93722 35a1df7c86daad8d69f83d93f803be77
Binary Packages Size: MD5
vixie-cron-3.0.1-70.i586.rpm 57374 149cd71983849c4643cb9a960f14969a
<Turbolinux 7 Server>
Source Packages Size: MD5
vixie-cron-3.0.1-70.src.rpm 93722 8da6820cca4816c7b2fe575334e4a2b4
Binary Packages Size: MD5
vixie-cron-3.0.1-70.i586.rpm 59475 6e108bab1810b36572ca0bf2852f449f
CVE [CVE-2006-2607] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2607
-------------------------------------------------------------------------- Revision History 11 Aug 2006 Initial release --------------------------------------------------------------------------
Copyright(C) 2006 Turbolinux, Inc. All rights reserved.
-----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.0 (GNU/Linux)
iD8DBQFE3BhEK0LzjOqIJMwRAnjgAJ98y0f81G2jPzw9zzXxxgoBrtEJ/ACdFxYo EWfSS8+hpWfdOUmv/3PEBo8= =pIAh -----END PGP SIGNATURE-----
|
|
|
|