Vixie Cron: Privilege Escalation — GLSA 200606-07

Vixie Cron allows local users to execute programs as root.

Affected Packages

sys-process/vixie-cron on all architectures
Affected versions < 4.1-r9
Unaffected versions >= 4.1-r9

Background

Vixie Cron is a command scheduler with extended syntax over cron.

Description

Roman Veretelnikov discovered that Vixie Cron fails to properly check whether it can drop privileges accordingly if setuid() in do_command.c fails due to a user exceeding assigned resource limits.

Impact

Local users can execute code with root privileges by deliberately exceeding their assigned resource limits and then starting a command through Vixie Cron. This requires resource limits to be in place on the machine.

Workaround

There is no known workaround at this time.

Resolution

All Vixie Cron users should upgrade to the latest version:

 # emerge --sync
 # emerge --ask --oneshot --verbose ">=sys-process/vixie-cron-4.1-r9"

References

Release Date
June 09, 2006

Latest Revision
June 09, 2006: 01

Severity
high

Exploitable
local

Bugzilla entries