Executive Summary

Informations
Name CVE-2006-2607 First vendor Publication 2006-05-25
Vendor Cve Last vendor Modification 2018-10-18

Security-Database Scoring CVSS v3

Cvss vector : N/A
Overall CVSS Score NA
Base Score NA Environmental Score NA
impact SubScore NA Temporal Score NA
Exploitabality Sub Score NA
 
Calculate full CVSS 3.0 Vectors scores

Security-Database Scoring CVSS v2

Cvss vector : (AV:L/AC:L/Au:N/C:C/I:C/A:C)
Cvss Base Score 7.2 Attack Range Local
Cvss Impact Score 10 Attack Complexity Low
Cvss Expoit Score 3.9 Authentication None Required
Calculate full CVSS 2.0 Vectors scores

Detail

do_command.c in Vixie cron (vixie-cron) 4.1 does not check the return code of a setuid call, which might allow local users to gain root privileges if setuid fails in cases such as PAM failures or resource limits, as originally demonstrated by a program that exceeds the process limits as defined in /etc/security/limits.conf.

Original Source

Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2607

OVAL Definitions

Definition Id: oval:org.mitre.oval:def:10213
 
Oval ID: oval:org.mitre.oval:def:10213
Title: do_command.c in Vixie cron (vixie-cron) 4.1 does not check the return code of a setuid call, which might allow local users to gain root privileges if setuid fails in cases such as PAM failures or resource limits, as originally demonstrated by a program that exceeds the process limits as defined in /etc/security/limits.conf.
Description: do_command.c in Vixie cron (vixie-cron) 4.1 does not check the return code of a setuid call, which might allow local users to gain root privileges if setuid fails in cases such as PAM failures or resource limits, as originally demonstrated by a program that exceeds the process limits as defined in /etc/security/limits.conf.
Family: unix Class: vulnerability
Reference(s): CVE-2006-2607
 Version: 5
Platform(s): Red Hat Enterprise Linux 4
CentOS Linux 4
Oracle Linux 4
 Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:13827
 
Oval ID: oval:org.mitre.oval:def:13827
Title: USN-778-1 -- cron vulnerability
Description: It was discovered that cron did not properly check the return code of the setgid and initgroups system calls. A local attacker could use this to escalate group privileges. Please note that cron versions 3.0pl1-64 and later were already patched to address the more serious setuid check referred to by CVE-2006-2607.
Family: unix Class: patch
Reference(s): USN-778-1
CVE-2006-2607
 Version: 5
Platform(s): Ubuntu 8.04
Ubuntu 9.04
Ubuntu 6.06
Ubuntu 8.10
 Product(s): cron
Definition Synopsis:

CPE : Common Platform Enumeration

TypeDescriptionCount
Application 1

OpenVAS Exploits

Date Description
2009-06-05 Name : Ubuntu USN-778-1 (cron)
File : nvt/ubuntu_778_1.nasl
2008-09-24 Name : Gentoo Security Advisory GLSA 200606-07 (vixie-cron)
File : nvt/glsa_200606_07.nasl

Open Source Vulnerability Database (OSVDB)

Id Description
25850 Vixie Cron do_command.c Setuid Drop Failure Privilege Escalation

Nessus® Vulnerability Scanner

Date Description
2009-06-02 Name : The remote Ubuntu host is missing a security-related patch.
File : ubuntu_USN-778-1.nasl - Type : ACT_GATHER_INFO
2007-10-17 Name : The remote openSUSE host is missing a security update.
File : suse_cron-1440.nasl - Type : ACT_GATHER_INFO
2006-07-13 Name : The remote CentOS host is missing a security update.
File : centos_RHSA-2006-0539.nasl - Type : ACT_GATHER_INFO
2006-07-13 Name : The remote Red Hat host is missing a security update.
File : redhat-RHSA-2006-0539.nasl - Type : ACT_GATHER_INFO
2006-06-11 Name : The remote Gentoo host is missing one or more security-related patches.
File : gentoo_GLSA-200606-07.nasl - Type : ACT_GATHER_INFO
2006-06-01 Name : The remote host is missing a vendor-supplied security patch
File : suse_SA_2006_027.nasl - Type : ACT_GATHER_INFO

Sources (Detail)

Source Url
BID http://www.securityfocus.com/bid/18108
BUGTRAQ http://www.securityfocus.com/archive/1/435033/100/0/threaded
CONFIRM http://bugs.gentoo.org/show_bug.cgi?id=134194
http://support.avaya.com/elmodocs2/security/ASA-2006-168.htm
https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=178431
GENTOO http://security.gentoo.org/glsa/glsa-200606-07.xml
OVAL https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.ova...
REDHAT http://www.redhat.com/support/errata/RHSA-2006-0539.html
SECTRACK http://securitytracker.com/id?1016480
SECUNIA http://secunia.com/advisories/20380
http://secunia.com/advisories/20388
http://secunia.com/advisories/20616
http://secunia.com/advisories/21032
http://secunia.com/advisories/21702
http://secunia.com/advisories/35318
SUSE http://www.novell.com/linux/security/advisories/2006-05-32.html
UBUNTU https://usn.ubuntu.com/778-1/
VUPEN http://www.vupen.com/english/advisories/2006/2075
XF https://exchange.xforce.ibmcloud.com/vulnerabilities/26691

Alert History

If you want to see full details history, please login or register.
0
1
2
3
4
5
6
7
8
9
Date Informations
2021-05-04 12:04:04
  • Multiple Updates
2021-04-22 01:04:40
  • Multiple Updates
2020-05-23 00:17:50
  • Multiple Updates
2018-10-18 21:20:09
  • Multiple Updates
2018-10-04 00:19:28
  • Multiple Updates
2017-10-11 09:23:41
  • Multiple Updates
2017-07-20 09:23:37
  • Multiple Updates
2016-04-26 14:39:55
  • Multiple Updates
2014-02-17 10:35:59
  • Multiple Updates
2013-05-11 10:58:06
  • Multiple Updates