openSUSE 10 Security Update : cron (cron-1440)
High Nessus Plugin ID 27189
SynopsisThe remote openSUSE host is missing a security update.
DescriptionA missing check on the return value of setuid() in vixie-cron could be used by a local user to gain root privileges by exhausting resource limits and waiting for a cronjob to trigger. This is tracked by the Mitre CVE ID CVE-2006-2607.
SolutionUpdate the affected cron package.