Local Privilege Escalation: Symlink Vulnerability in Vixie Cron 4.1

Local Privilege Escalation: Symlink Vulnerability in Vixie Cron 4.1

CVE-2005-1038 · LOW Severity

AV:L/AC:L/AU:N/C:P/I:N/A:N

crontab in Vixie cron 4.1, when running with the -e option, allows local users to read the cron files of other users by changing the file being edited to a symlink. NOTE: there is insufficient information to know whether this is a duplicate of CVE-2001-0235.

Learn more about our User Device Pen Test.