Secunia Logo  
 Vulnerability IntelligenceVulnerability ScanningCommunityBlog - new entry!Corporate InformationOnline ShopCustomer Login  
 Secunia AdvisoriesSecunia ResearchBinary Analysis  
Home > Vulnerability Intelligence > Secunia Advisories > SUSE update for vixie-cron
Secunia Advisories
Advisories
Search
Advisories by Product
Advisories by Vendor
Historic Advisories
Mailing Lists & RSS
Report Vulnerability
Contact Form
Business Solutions Restricted
Partner Solutions Restricted
About
 
SUSE update for vixie-cron
Secunia Advisory: SA20388
Advisory Toolbox:
Issue ticket
Save in to-do list
Mark as handled
Exploit information
Download as PDF
Review actions
Add comment
Release Date: 2006-06-01
Popularity: 6,399 views

Critical:
Less critical
Impact: Privilege escalation
Where: Local system
Solution Status: Vendor Patch

OS:SUSE Linux 10
SuSE Linux 9.1
SUSE Linux 9.2
SUSE Linux 9.3
SuSE Linux Desktop 1.x
SuSE Linux Enterprise Server 8
SUSE Linux Enterprise Server 9
UnitedLinux 1.0
Subscribe: Instant alerts on relevant vulnerabilities

CVE reference:CVE-2006-2607
Description:
SUSE has issued an update for vixie-cron. This fixes a security issue, which potentially can be exploited by malicious, local users to perform certain actions with escalated privileges.

For more information:
SA20380

Solution:
Apply updated packages.

-- x86 Platform --

SUSE LINUX 10.1:
ftp://ftp.suse.com/pub/suse/update/10.1/rpm/i586/cron-4.1-45.3.i586.rpm
e497e8d493f1b94c0891af1026be4d0a

SUSE LINUX 10.0:
ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/i586/cron-4.1-26.2.i586.rpm
a7daa9be8f6d1f3d5b87904e934ee235

SUSE LINUX 9.3:
ftp://ftp.suse.com/pub/suse/i386/update/9.3/rpm/i586/cron-4.1-20.2.i586.rpm
feabbd699c9504dc4cf0bf0ba91e6f2d

SUSE LINUX 9.2:
ftp://ftp.suse.com/pub/suse/i386/update/9.2/rpm/i586/cron-4.1-14.2.i586.rpm
0979cea40c43166044c66364b148101b

SUSE LINUX 9.1:
ftp://ftp.suse.com/pub/suse/i386/update/9.1/rpm/i586/cron-3.0.1-920.12.i586.rpm
e140f798e6146f52ca2621a6ef678a45

-- Power PC Platform --

SUSE LINUX 10.1:
ftp://ftp.suse.com/pub/suse/update/10.1/rpm/ppc/cron-4.1-45.3.ppc.rpm
0b0550667503fc422ae7601b4cb513e6

SUSE LINUX 10.0:
ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/ppc/cron-4.1-26.2.ppc.rpm
711aeec2e8bfcb02835478e3c5bc62c8

-- x86-64 Platform --

SUSE LINUX 10.1:
ftp://ftp.suse.com/pub/suse/update/10.1/rpm/x86_64/cron-4.1-45.3.x86_64.rpm
01885af8563e8f2e093b7741e0e7ee95

SUSE LINUX 10.0:
ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/x86_64/cron-4.1-26.2.x86_64.rpm
3716db1e6d608fc4714b8ac137c94059

SUSE LINUX 9.3:
ftp://ftp.suse.com/pub/suse/i386/update/9.3/rpm/x86_64/cron-4.1-20.2.x86_64.rpm
4287461b019ece311e32082fd87bc0a9

SUSE LINUX 9.2:
ftp://ftp.suse.com/pub/suse/i386/update/9.2/rpm/x86_64/cron-4.1-14.2.x86_64.rpm
574294ae7f583add41bd45774988cb4e

SUSE LINUX 9.1:
ftp://ftp.suse.com/pub/suse/x86_64/up...m/x86_64/cron-3.0.1-920.12.x86_64.rpm
6b26840c02592f7978d841f99743371d

-- Sources --

SUSE LINUX 10.1:
ftp://ftp.suse.com/pub/suse/update/10.1/rpm/src/cron-4.1-45.3.src.rpm
f43d85f87f2571b7a72c580f40027abd

SUSE LINUX 10.0:
ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/src/cron-4.1-26.2.src.rpm
78ea0581677076016e90b109e6154b12

SUSE LINUX 9.3:
ftp://ftp.suse.com/pub/suse/i386/update/9.3/rpm/src/cron-4.1-20.2.src.rpm
9a1b7e7f96f6daaa2ce77f922ff9df9a

SUSE LINUX 9.2:
ftp://ftp.suse.com/pub/suse/i386/update/9.2/rpm/src/cron-4.1-14.2.src.rpm
26adb41a9c1beb796184323a0c0fed8a

SUSE LINUX 9.1:
ftp://ftp.suse.com/pub/suse/i386/update/9.1/rpm/src/cron-3.0.1-920.12.src.rpm
84e82588b2fcd45ff23e02502acbc8d2
ftp://ftp.suse.com/pub/suse/x86_64/update/9.1/rpm/src/cron-3.0.1-920.12.src.rpm
c0aa0ac7fb31ae24da6404b0e0cdc218

-- Packages from the maintenance web --

UnitedLinux 1.0:
http://support.novell.com/cgi-bin/sea...9b78595924034dfdf1a0dcd1777838f9.html

SUSE SLES 9:
http://support.novell.com/cgi-bin/sea...9b78595924034dfdf1a0dcd1777838f9.html

SuSE Linux Desktop 1.0:
http://support.novell.com/cgi-bin/sea...9b78595924034dfdf1a0dcd1777838f9.html

SuSE Linux Enterprise Server 8:
http://support.novell.com/cgi-bin/sea...9b78595924034dfdf1a0dcd1777838f9.html

Original Advisory:
http://www.novell.com/linux/security/advisories/2006-05-32.html

Other References:
SA20380:
http://secunia.com/advisories/20380/

Track this Secunia Advisory
Customers of the Secunia Vulnerability Intelligence solutions will automatically receive updates when new information regarding this advisory is released.

Read more about our Vulnerability Intelligence solutions and what they can do for you and your company.

About this Secunia Advisory
Please note: The information that this Secunia Advisory is based on comes from a third party unless stated otherwise.

Secunia collects, validates, and verifies all vulnerability reports issued by security research groups, vendors, and others.
  
Latest Advisories

9th Jan, 2009
New advisories: 14
New vulnerabilities: 38
Updated advisories: 21

Less // 228 views
Interstage HTTP Server mod_proxy_ftp Cross-Site Scripting
Moderately // 199 views
Pizzis CMS "idvar" SQL Injection Vulnerability
Less // 235 views
Openfire Multiple Vulnerabilities
Moderately // 247 views
OpenBSD update for OpenSSL
Less // 207 views
MODx "searchid" SQL Injection Vulnerability
Not // 315 views
Asterisk User Account Enumeration Weakness
Less // 327 views
Sun Solaris Samba "smbd" Information Disclosure Vulnerability
Less // 306 views
Serv-U Denial of Service Vulnerability
Less // 278 views
CuteNews Cross-Site Scripting and PHP Code Execution Vulnerabilities
Highly // 349 views
XOOPS "mydirname" PHP Code Injection Vulnerability

Solutions | More...  

Send Feedback to Secunia
If you have new information regarding this Secunia advisory or a product in our database, please send it to us using either our web form or email us at vuln@secunia.com.

Ideas, suggestions, and other feedback are most welcome.

Most Popular - 3 Hours

1. HP OpenView Network Node Manager Multiple Vulnerabilities // 29 views
2. Internet Explorer Data Binding Memory Corruption Vulnerability // 28 views
3. Interstage HTTP Server mod_proxy_ftp Cross-Site Scripting // 27 views
4. Adobe Flash Player Multiple Security Issues and Vulnerabilities // 26 views
5. Sun Java JDK / JRE Multiple Vulnerabilities // 24 views
6. XOOPS "mydirname" PHP Code Injection Vulnerability // 24 views
7. OpenBSD update for OpenSSL // 23 views
8. Sun Solaris Samba "smbd" Information Disclosure Vulnerability // 22 views
9. CuteNews Cross-Site Scripting and PHP Code Execution Vulnerabilities // 21 views
10. Asterisk User Account Enumeration Weakness // 21 views



Contact | Terms & Conditions and Copyright | Report Vulnerability | Press | Jobs | About Secunia
Copyright Secunia 2002-2009