Isc · Vixie Cron · CVE-2007-1856
Name of the Vulnerable Software and Affected Versions:
vixie-cron versions prior to 4.1-r10
Description:
The issue is related to insecure permissions in vixie-cron, which can be exploited locally to cause a denial of service. This can result in cron failure due to the creation of hard links, leading to a failed st nlink check in database.c. The estimated number of potentially affected devices is not specified.
Recommendations:
For versions prior to 4.1-r10, update to version 4.1-r10 or later to resolve the issue. As a temporary workaround, consider restricting access to the vulnerable `database.c` component to minimize the risk of exploitation.