SuSE 10 Security Update : cron (ZYPP Patch Number 3831)
Low Nessus Plugin ID 29408
SynopsisThe remote SuSE 10 host is missing a security-related patch.
DescriptionBy setting hard links to /etc/crontab users were able to prevent cron from running scheduled jobs. (CVE-2007-1856)
A re-emerged symlink bug allowed users to edit the crontab of other users. (CVE-2005-1038)
This is a reissue of the SLES10 update after Service Pack 1, since Service Pack 1 merge lost some of the fixes in the cron package.
SolutionApply ZYPP patch number 3831.