Privilege Escalation via Crontab Parsing in Vixie Cron 3.0.1 and Earlier

Privilege Escalation via Crontab Parsing in Vixie Cron 3.0.1 and Earlier

CVE-2001-0559 · HIGH Severity

AV:L/AC:L/AU:N/C:C/I:C/A:C

crontab in Vixie cron 3.0.1 and earlier does not properly drop privileges after the failed parsing of a modification operation, which could allow a local attacker to gain additional privileges when an editor is called to correct the error.

Learn more about our Web Application Penetration Testing UK.