Vixie Cron before the 3.0pl1-133 Debian package allows local users to cause a denial of service (daemon crash) via a large crontab file because the calloc return value is not checked.
References
Link | Resource |
---|---|
http://www.securityfocus.com/bid/107373 | Third Party Advisory VDB Entry |
https://lists.debian.org/debian-lts-announce/2019/03/msg00025.html | Mailing List Third Party Advisory |
https://lists.debian.org/debian-lts-announce/2021/10/msg00029.html | Mailing List Third Party Advisory |
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6DU7HAUAQR4E4AEBPYLUV6FZ4PHKH6A2/ | |
https://salsa.debian.org/debian/cron/commit/f2525567 | Patch Third Party Advisory |
http://www.securityfocus.com/bid/107373 | Third Party Advisory VDB Entry |
https://lists.debian.org/debian-lts-announce/2019/03/msg00025.html | Mailing List Third Party Advisory |
https://lists.debian.org/debian-lts-announce/2021/10/msg00029.html | Mailing List Third Party Advisory |
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6DU7HAUAQR4E4AEBPYLUV6FZ4PHKH6A2/ | |
https://salsa.debian.org/debian/cron/commit/f2525567 | Patch Third Party Advisory |
Configurations
History
21 Nov 2024, 04:52
Type | Values Removed | Values Added |
---|---|---|
References | () http://www.securityfocus.com/bid/107373 - Third Party Advisory, VDB Entry | |
References | () https://lists.debian.org/debian-lts-announce/2019/03/msg00025.html - Mailing List, Third Party Advisory | |
References | () https://lists.debian.org/debian-lts-announce/2021/10/msg00029.html - Mailing List, Third Party Advisory | |
References | () https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6DU7HAUAQR4E4AEBPYLUV6FZ4PHKH6A2/ - | |
References | () https://salsa.debian.org/debian/cron/commit/f2525567 - Patch, Third Party Advisory |
07 Nov 2023, 03:13
Type | Values Removed | Values Added |
---|---|---|
References |
|
|
Information
Published : 2019-03-12 01:29
Updated : 2024-11-21 04:52
NVD link : CVE-2019-9704
Mitre link : CVE-2019-9704
CVE.ORG link : CVE-2019-9704
JSON object : View
Products Affected
debian
- debian_linux
cron_project
- cron
fedoraproject
- fedora