Show filters
83 Total Results
Displaying 61-70 of 83
Sort by:
Attacker Value
Unknown

CVE-2010-0424

Disclosure Date: February 25, 2010 (last updated October 04, 2023)
The edit_cmd function in crontab.c in (1) cronie before 1.4.4 and (2) Vixie cron (vixie-cron) allows local users to change the modification times of arbitrary files, and consequently cause a denial of service, via a symlink attack on a temporary file in the /tmp directory.
0
Attacker Value
Unknown

CVE-2009-3589

Disclosure Date: October 08, 2009 (last updated October 04, 2023)
incron 0.5.5 does not initialize supplementary groups when running a process from a user's incrontabs, which causes the process to be run with the incrond supplementary groups and allows local users to gain privileges via an incrontab table.
0
Attacker Value
Unknown

CVE-2008-6006

Disclosure Date: January 30, 2009 (last updated October 04, 2023)
Multiple PHP remote file inclusion vulnerabilities in Micronation Banking System (minba) 1.5.0 allow remote attackers to execute arbitrary PHP code via a URL in the minsoft_path parameter to (1) utdb_access.php and (2) utgn_message.php in utility/.
0
Attacker Value
Unknown

CVE-2008-0377

Disclosure Date: January 22, 2008 (last updated October 04, 2023)
MicroNews allows remote attackers to bypass authentication and gain administrative privileges via a direct request to admin.php.
0
Attacker Value
Unknown

CVE-2007-1856

Disclosure Date: April 18, 2007 (last updated October 04, 2023)
Vixie Cron before 4.1-r10 on Gentoo Linux is installed with insecure permissions, which allows local users to cause a denial of service (cron failure) by creating hard links, which results in a failed st_nlink check in database.c.
0
Attacker Value
Unknown

CVE-2007-0636

Disclosure Date: January 31, 2007 (last updated October 04, 2023)
Unspecified vulnerability in inotify before 0.3.5 has unknown impact and attack vectors, related to "access rights to watched files."
0
Attacker Value
Unknown

CVE-2006-6842

Disclosure Date: December 31, 2006 (last updated October 04, 2023)
SQL injection vulnerability in admin/admin_acronyms.php in the Acronym Mod 0.9.5 for phpBB2 Plus 1.53 allows remote attackers to execute arbitrary SQL commands via the id parameter.
0
Attacker Value
Unknown

CVE-2006-2607

Disclosure Date: May 25, 2006 (last updated October 04, 2023)
do_command.c in Vixie cron (vixie-cron) 4.1 does not check the return code of a setuid call, which might allow local users to gain root privileges if setuid fails in cases such as PAM failures or resource limits, as originally demonstrated by a program that exceeds the process limits as defined in /etc/security/limits.conf.
0
Attacker Value
Unknown

CVE-2006-0575

Disclosure Date: February 07, 2006 (last updated February 22, 2025)
convert-fcrontab in Fcron 2.9.5 and 3.0.0 allows remote attackers to create or overwrite arbitrary files via ".." sequences and a symlink attack on the temporary file that is used during conversion.
0
Attacker Value
Unknown

CVE-2006-0539

Disclosure Date: February 04, 2006 (last updated February 22, 2025)
The convert-fcrontab program in fcron 3.0.0 might allow local users to gain privileges via a long command-line argument, which causes Linux glibc to report heap memory corruption, possibly because a strcpy in the strdup2 function can "overwrite some data."
0