|
Family: Debian Local Security Checks --> Category: infos
[DSA024] DSA-024-1 cron Vulnerability Scan
Vulnerability Scan Summary DSA-024-1 cron
Detailed Explanation for this Vulnerability Test
The FreeBSD team has found a bug in the way new crontabs
were handled which allowed malicious users to display arbitrary crontab files
on the local system. This only affects valid crontab files so it can't be used to
get access to /etc/shadow or something. crontab files are not especially secure
anyway, as there are other ways they can leak. No passwords or similar
sensitive data should be in there. We recommend you upgrade your cron
packages.
Solution : http://www.debian.org/security/2001/dsa-024
Threat Level: High
Click HERE for more information and discussions on this network vulnerability scan.
|