Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
crontab by Paul Vixie uses predictable file names for a temporary file and does not properly ensure that the file is owned by the user executing the crontab -e command, which allows local users with write access to the crontab spool directory to execute arbitrary commands by creating world-writeable temporary files and modifying them while the victim is editing the file.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Paul Vixie任意命令执行漏洞
Vulnerability Description
Paul Vixie的定时任务使用暂时文件的可预言文件名并且不能正确地确保文件被执行定时任务-e命令的用户所拥有,带有到定时任务线轴目录的写访问的本地用户可以通过在受害人编辑文件时创建全局可读暂时文件以及修改它们来执行任意命令。
CVSS Information
N/A
Vulnerability Type
N/A