CVE-2004-1033

Fcron 2.0.1, 2.9.4, and possibly earlier versions leak file descriptors of open files, which allows local users to bypass access restrictions and read fcron.allow and fcron.deny via the EDITOR environment variable.
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:thibault_godouet:fcron:2.0.1:*:*:*:*:*:*:*
cpe:2.3:a:thibault_godouet:fcron:2.9.4:*:*:*:*:*:*:*

Configuration 2 (hide)

cpe:2.3:o:gentoo:linux:*:*:*:*:*:*:*:*

History

20 Nov 2024, 23:49

Type Values Removed Values Added
References () http://security.gentoo.org/glsa/glsa-200411-27.xml - () http://security.gentoo.org/glsa/glsa-200411-27.xml -
References () http://www.idefense.com/application/poi/display?id=157&type=vulnerabilities&flashstatus=false - () http://www.idefense.com/application/poi/display?id=157&type=vulnerabilities&flashstatus=false -
References () http://www.securityfocus.com/bid/11684 - Patch, Vendor Advisory () http://www.securityfocus.com/bid/11684 - Patch, Vendor Advisory
References () https://exchange.xforce.ibmcloud.com/vulnerabilities/18078 - () https://exchange.xforce.ibmcloud.com/vulnerabilities/18078 -

Information

Published : 2005-03-01 05:00

Updated : 2024-11-20 23:49


NVD link : CVE-2004-1033

Mitre link : CVE-2004-1033

CVE.ORG link : CVE-2004-1033


JSON object : View

Products Affected

gentoo

  • linux

thibault_godouet

  • fcron