Search
Find a vulnerability
Search criteria
16 vulnerabilities found for fcron by thibault_godouet
CVE-2010-0792 (GCVE-0-2010-0792)
Vulnerability from nvd – Published: 2010-03-05 19:00 – Updated: 2024-08-07 00:59
VLAI
EPSS
VEX
Summary
fcrontab in fcron before 3.0.5 allows local users to read arbitrary files via a symlink attack on an unspecified file.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
11 references
| URL | Tags |
|---|---|
| http://www.vupen.com/english/advisories/2010/0730 | vdb-entryx_refsource_VUPEN |
| http://secunia.com/advisories/39195 | third-party-advisoryx_refsource_SECUNIA |
| http://lists.fedoraproject.org/pipermail/package-… | vendor-advisoryx_refsource_FEDORA |
| http://www.securityfocus.com/archive/1/509873/100… | mailing-listx_refsource_BUGTRAQ |
| http://securitytracker.com/id?1023677 | vdb-entryx_refsource_SECTRACK |
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
| http://www.osvdb.org/62718 | vdb-entryx_refsource_OSVDB |
| http://fcron.free.fr/ | x_refsource_CONFIRM |
| http://seclists.org/fulldisclosure/2010/Mar/97 | mailing-listx_refsource_FULLDISC |
| http://secunia.com/advisories/38796 | third-party-advisoryx_refsource_SECUNIA |
| http://www.securityfocus.com/bid/38531 | vdb-entryx_refsource_BID |
Date Public
2010-03-03 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T00:59:39.311Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "ADV-2010-0730",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2010/0730"
},
{
"name": "39195",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/39195"
},
{
"name": "FEDORA-2010-4063",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-March/038150.html"
},
{
"name": "20100304 fcrontab Information Disclosure Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/509873/100/0/threaded"
},
{
"name": "1023677",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1023677"
},
{
"name": "fcron-fcrontab-symlink(56680)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/56680"
},
{
"name": "62718",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/62718"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://fcron.free.fr/"
},
{
"name": "20100303 fcrontab Information Disclosure Vulnerability",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2010/Mar/97"
},
{
"name": "38796",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/38796"
},
{
"name": "38531",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/38531"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2010-03-03T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "fcrontab in fcron before 3.0.5 allows local users to read arbitrary files via a symlink attack on an unspecified file."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-10T18:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "ADV-2010-0730",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2010/0730"
},
{
"name": "39195",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/39195"
},
{
"name": "FEDORA-2010-4063",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-March/038150.html"
},
{
"name": "20100304 fcrontab Information Disclosure Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/509873/100/0/threaded"
},
{
"name": "1023677",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1023677"
},
{
"name": "fcron-fcrontab-symlink(56680)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/56680"
},
{
"name": "62718",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/62718"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://fcron.free.fr/"
},
{
"name": "20100303 fcrontab Information Disclosure Vulnerability",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://seclists.org/fulldisclosure/2010/Mar/97"
},
{
"name": "38796",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/38796"
},
{
"name": "38531",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/38531"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2010-0792",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "fcrontab in fcron before 3.0.5 allows local users to read arbitrary files via a symlink attack on an unspecified file."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "ADV-2010-0730",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2010/0730"
},
{
"name": "39195",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/39195"
},
{
"name": "FEDORA-2010-4063",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-March/038150.html"
},
{
"name": "20100304 fcrontab Information Disclosure Vulnerability",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/509873/100/0/threaded"
},
{
"name": "1023677",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1023677"
},
{
"name": "fcron-fcrontab-symlink(56680)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/56680"
},
{
"name": "62718",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/62718"
},
{
"name": "http://fcron.free.fr/",
"refsource": "CONFIRM",
"url": "http://fcron.free.fr/"
},
{
"name": "20100303 fcrontab Information Disclosure Vulnerability",
"refsource": "FULLDISC",
"url": "http://seclists.org/fulldisclosure/2010/Mar/97"
},
{
"name": "38796",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/38796"
},
{
"name": "38531",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/38531"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2010-0792",
"datePublished": "2010-03-05T19:00:00.000Z",
"dateReserved": "2010-03-02T00:00:00.000Z",
"dateUpdated": "2024-08-07T00:59:39.311Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2006-0575 (GCVE-0-2006-0575)
Vulnerability from nvd – Published: 2006-02-07 20:00 – Updated: 2024-08-07 16:41
VLAI
EPSS
VEX
Summary
convert-fcrontab in Fcron 2.9.5 and 3.0.0 allows remote attackers to create or overwrite arbitrary files via ".." sequences and a symlink attack on the temporary file that is used during conversion.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
7 references
| URL | Tags |
|---|---|
| http://www.osvdb.org/22905 | vdb-entryx_refsource_OSVDB |
| http://www.securityfocus.com/bid/25693 | vdb-entryx_refsource_BID |
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
| http://www.trustix.org/errata/2006/0006 | vendor-advisoryx_refsource_TRUSTIX |
| http://www.vupen.com/english/advisories/2006/0435 | vdb-entryx_refsource_VUPEN |
| http://secunia.com/advisories/18719 | third-party-advisoryx_refsource_SECUNIA |
| http://marc.info/?l=full-disclosure&m=11389073460… | mailing-listx_refsource_FULLDISC |
Date Public
2006-02-02 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T16:41:28.461Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "22905",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/22905"
},
{
"name": "25693",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/25693"
},
{
"name": "fcron-dotdot-directory-traversal(24504)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24504"
},
{
"name": "2006-0006",
"tags": [
"vendor-advisory",
"x_refsource_TRUSTIX",
"x_transferred"
],
"url": "http://www.trustix.org/errata/2006/0006"
},
{
"name": "ADV-2006-0435",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2006/0435"
},
{
"name": "18719",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18719"
},
{
"name": "20060202 Re: Fcrontab - memory corruption on heap.",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://marc.info/?l=full-disclosure\u0026m=113890734603201\u0026w=2"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2006-02-02T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "convert-fcrontab in Fcron 2.9.5 and 3.0.0 allows remote attackers to create or overwrite arbitrary files via \"..\" sequences and a symlink attack on the temporary file that is used during conversion."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-19T15:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "22905",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/22905"
},
{
"name": "25693",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/25693"
},
{
"name": "fcron-dotdot-directory-traversal(24504)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24504"
},
{
"name": "2006-0006",
"tags": [
"vendor-advisory",
"x_refsource_TRUSTIX"
],
"url": "http://www.trustix.org/errata/2006/0006"
},
{
"name": "ADV-2006-0435",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2006/0435"
},
{
"name": "18719",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18719"
},
{
"name": "20060202 Re: Fcrontab - memory corruption on heap.",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://marc.info/?l=full-disclosure\u0026m=113890734603201\u0026w=2"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-0575",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "convert-fcrontab in Fcron 2.9.5 and 3.0.0 allows remote attackers to create or overwrite arbitrary files via \"..\" sequences and a symlink attack on the temporary file that is used during conversion."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "22905",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/22905"
},
{
"name": "25693",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/25693"
},
{
"name": "fcron-dotdot-directory-traversal(24504)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24504"
},
{
"name": "2006-0006",
"refsource": "TRUSTIX",
"url": "http://www.trustix.org/errata/2006/0006"
},
{
"name": "ADV-2006-0435",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/0435"
},
{
"name": "18719",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/18719"
},
{
"name": "20060202 Re: Fcrontab - memory corruption on heap.",
"refsource": "FULLDISC",
"url": "http://marc.info/?l=full-disclosure\u0026m=113890734603201\u0026w=2"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2006-0575",
"datePublished": "2006-02-07T20:00:00.000Z",
"dateReserved": "2006-02-07T00:00:00.000Z",
"dateUpdated": "2024-08-07T16:41:28.461Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2006-0539 (GCVE-0-2006-0539)
Vulnerability from nvd – Published: 2006-02-04 02:00 – Updated: 2024-08-07 16:41
VLAI
EPSS
VEX
Summary
The convert-fcrontab program in fcron 3.0.0 might allow local users to gain privileges via a long command-line argument, which causes Linux glibc to report heap memory corruption, possibly because a strcpy in the strdup2 function can "overwrite some data."
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
10 references
| URL | Tags |
|---|---|
| http://www.securityfocus.com/archive/1/423697/100… | mailing-listx_refsource_BUGTRAQ |
| http://fcron.free.fr/news.php#a20060206a.xml | x_refsource_CONFIRM |
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
| http://archives.neohapsis.com/archives/fulldisclo… | mailing-listx_refsource_FULLDISC |
| http://www.vupen.com/english/advisories/2006/0435 | vdb-entryx_refsource_VUPEN |
| http://www.trustix.org/errata/2006/0036 | vendor-advisoryx_refsource_TRUSTIX |
| http://secunia.com/advisories/18719 | third-party-advisoryx_refsource_SECUNIA |
| http://www.securityfocus.com/bid/16467 | vdb-entryx_refsource_BID |
| https://bugs.trustix.org/show_bug.cgi?id=1754 | x_refsource_CONFIRM |
| http://fcron.free.fr/doc/en/changes.html | x_refsource_CONFIRM |
Date Public
2006-02-01 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T16:41:28.583Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20060201 Fcrontab - memory corruption on heap.",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/423697/100/0/threaded"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://fcron.free.fr/news.php#a20060206a.xml"
},
{
"name": "fcron-syslog-bo(24444)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24444"
},
{
"name": "20060201 Fcrontab - memory corruption on heap.",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2006-01/0999.html"
},
{
"name": "ADV-2006-0435",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2006/0435"
},
{
"name": "2006-0036",
"tags": [
"vendor-advisory",
"x_refsource_TRUSTIX",
"x_transferred"
],
"url": "http://www.trustix.org/errata/2006/0036"
},
{
"name": "18719",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18719"
},
{
"name": "16467",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/16467"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugs.trustix.org/show_bug.cgi?id=1754"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://fcron.free.fr/doc/en/changes.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2006-02-01T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "The convert-fcrontab program in fcron 3.0.0 might allow local users to gain privileges via a long command-line argument, which causes Linux glibc to report heap memory corruption, possibly because a strcpy in the strdup2 function can \"overwrite some data.\""
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-19T14:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20060201 Fcrontab - memory corruption on heap.",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/423697/100/0/threaded"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://fcron.free.fr/news.php#a20060206a.xml"
},
{
"name": "fcron-syslog-bo(24444)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24444"
},
{
"name": "20060201 Fcrontab - memory corruption on heap.",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2006-01/0999.html"
},
{
"name": "ADV-2006-0435",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2006/0435"
},
{
"name": "2006-0036",
"tags": [
"vendor-advisory",
"x_refsource_TRUSTIX"
],
"url": "http://www.trustix.org/errata/2006/0036"
},
{
"name": "18719",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18719"
},
{
"name": "16467",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/16467"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugs.trustix.org/show_bug.cgi?id=1754"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://fcron.free.fr/doc/en/changes.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-0539",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The convert-fcrontab program in fcron 3.0.0 might allow local users to gain privileges via a long command-line argument, which causes Linux glibc to report heap memory corruption, possibly because a strcpy in the strdup2 function can \"overwrite some data.\""
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20060201 Fcrontab - memory corruption on heap.",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/423697/100/0/threaded"
},
{
"name": "http://fcron.free.fr/news.php#a20060206a.xml",
"refsource": "CONFIRM",
"url": "http://fcron.free.fr/news.php#a20060206a.xml"
},
{
"name": "fcron-syslog-bo(24444)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24444"
},
{
"name": "20060201 Fcrontab - memory corruption on heap.",
"refsource": "FULLDISC",
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2006-01/0999.html"
},
{
"name": "ADV-2006-0435",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/0435"
},
{
"name": "2006-0036",
"refsource": "TRUSTIX",
"url": "http://www.trustix.org/errata/2006/0036"
},
{
"name": "18719",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/18719"
},
{
"name": "16467",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/16467"
},
{
"name": "https://bugs.trustix.org/show_bug.cgi?id=1754",
"refsource": "CONFIRM",
"url": "https://bugs.trustix.org/show_bug.cgi?id=1754"
},
{
"name": "http://fcron.free.fr/doc/en/changes.html",
"refsource": "CONFIRM",
"url": "http://fcron.free.fr/doc/en/changes.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2006-0539",
"datePublished": "2006-02-04T02:00:00.000Z",
"dateReserved": "2006-02-04T00:00:00.000Z",
"dateUpdated": "2024-08-07T16:41:28.583Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2004-1030 (GCVE-0-2004-1030)
Vulnerability from nvd – Published: 2004-11-24 05:00 – Updated: 2024-08-08 00:39
VLAI
EPSS
VEX
Summary
fcronsighup in Fcron 2.0.1, 2.9.4, and possibly earlier versions allows local users to gain sensitive information by calling fcronsighup with an arbitrary file, which reveals the contents of the file that can not be parsed in an error message.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
4 references
| URL | Tags |
|---|---|
| http://www.idefense.com/application/poi/display?i… | third-party-advisoryx_refsource_IDEFENSE |
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
| http://www.securityfocus.com/bid/11684 | vdb-entryx_refsource_BID |
| http://security.gentoo.org/glsa/glsa-200411-27.xml | vendor-advisoryx_refsource_GENTOO |
Date Public
2004-11-15 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T00:39:00.462Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20041115 Multiple Security Vulnerabilities in Fcron",
"tags": [
"third-party-advisory",
"x_refsource_IDEFENSE",
"x_transferred"
],
"url": "http://www.idefense.com/application/poi/display?id=157\u0026type=vulnerabilities\u0026flashstatus=false"
},
{
"name": "fcron-fcronsighup-obtain-info(18075)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18075"
},
{
"name": "11684",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/11684"
},
{
"name": "GLSA-200411-27",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://security.gentoo.org/glsa/glsa-200411-27.xml"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2004-11-15T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "fcronsighup in Fcron 2.0.1, 2.9.4, and possibly earlier versions allows local users to gain sensitive information by calling fcronsighup with an arbitrary file, which reveals the contents of the file that can not be parsed in an error message."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-10T14:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20041115 Multiple Security Vulnerabilities in Fcron",
"tags": [
"third-party-advisory",
"x_refsource_IDEFENSE"
],
"url": "http://www.idefense.com/application/poi/display?id=157\u0026type=vulnerabilities\u0026flashstatus=false"
},
{
"name": "fcron-fcronsighup-obtain-info(18075)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18075"
},
{
"name": "11684",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/11684"
},
{
"name": "GLSA-200411-27",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://security.gentoo.org/glsa/glsa-200411-27.xml"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2004-1030",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "fcronsighup in Fcron 2.0.1, 2.9.4, and possibly earlier versions allows local users to gain sensitive information by calling fcronsighup with an arbitrary file, which reveals the contents of the file that can not be parsed in an error message."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20041115 Multiple Security Vulnerabilities in Fcron",
"refsource": "IDEFENSE",
"url": "http://www.idefense.com/application/poi/display?id=157\u0026type=vulnerabilities\u0026flashstatus=false"
},
{
"name": "fcron-fcronsighup-obtain-info(18075)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18075"
},
{
"name": "11684",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/11684"
},
{
"name": "GLSA-200411-27",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-200411-27.xml"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2004-1030",
"datePublished": "2004-11-24T05:00:00.000Z",
"dateReserved": "2004-11-12T00:00:00.000Z",
"dateUpdated": "2024-08-08T00:39:00.462Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2004-1033 (GCVE-0-2004-1033)
Vulnerability from nvd – Published: 2004-11-24 05:00 – Updated: 2024-08-08 00:39
VLAI
EPSS
VEX
Summary
Fcron 2.0.1, 2.9.4, and possibly earlier versions leak file descriptors of open files, which allows local users to bypass access restrictions and read fcron.allow and fcron.deny via the EDITOR environment variable.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
4 references
| URL | Tags |
|---|---|
| http://www.idefense.com/application/poi/display?i… | third-party-advisoryx_refsource_IDEFENSE |
| http://www.securityfocus.com/bid/11684 | vdb-entryx_refsource_BID |
| http://security.gentoo.org/glsa/glsa-200411-27.xml | vendor-advisoryx_refsource_GENTOO |
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
Date Public
2004-11-15 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T00:39:00.608Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20041115 Multiple Security Vulnerabilities in Fcron",
"tags": [
"third-party-advisory",
"x_refsource_IDEFENSE",
"x_transferred"
],
"url": "http://www.idefense.com/application/poi/display?id=157\u0026type=vulnerabilities\u0026flashstatus=false"
},
{
"name": "11684",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/11684"
},
{
"name": "GLSA-200411-27",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://security.gentoo.org/glsa/glsa-200411-27.xml"
},
{
"name": "fcron-fcrontab-obtain-info(18078)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18078"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2004-11-15T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Fcron 2.0.1, 2.9.4, and possibly earlier versions leak file descriptors of open files, which allows local users to bypass access restrictions and read fcron.allow and fcron.deny via the EDITOR environment variable."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-10T14:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20041115 Multiple Security Vulnerabilities in Fcron",
"tags": [
"third-party-advisory",
"x_refsource_IDEFENSE"
],
"url": "http://www.idefense.com/application/poi/display?id=157\u0026type=vulnerabilities\u0026flashstatus=false"
},
{
"name": "11684",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/11684"
},
{
"name": "GLSA-200411-27",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://security.gentoo.org/glsa/glsa-200411-27.xml"
},
{
"name": "fcron-fcrontab-obtain-info(18078)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18078"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2004-1033",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Fcron 2.0.1, 2.9.4, and possibly earlier versions leak file descriptors of open files, which allows local users to bypass access restrictions and read fcron.allow and fcron.deny via the EDITOR environment variable."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20041115 Multiple Security Vulnerabilities in Fcron",
"refsource": "IDEFENSE",
"url": "http://www.idefense.com/application/poi/display?id=157\u0026type=vulnerabilities\u0026flashstatus=false"
},
{
"name": "11684",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/11684"
},
{
"name": "GLSA-200411-27",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-200411-27.xml"
},
{
"name": "fcron-fcrontab-obtain-info(18078)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18078"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2004-1033",
"datePublished": "2004-11-24T05:00:00.000Z",
"dateReserved": "2004-11-12T00:00:00.000Z",
"dateUpdated": "2024-08-08T00:39:00.608Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2004-1032 (GCVE-0-2004-1032)
Vulnerability from nvd – Published: 2004-11-24 05:00 – Updated: 2024-08-08 00:39
VLAI
EPSS
VEX
Summary
fcronsighup in Fcron 2.0.1, 2.9.4, and possibly earlier versions allows local users to delete arbitrary files or create arbitrary empty files via a target filename with a large number of leading slash (/) characters such that fcronsighup does not properly append the intended fcrontab.sig to the resulting string.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
3 references
| URL | Tags |
|---|---|
| http://www.idefense.com/application/poi/display?i… | third-party-advisoryx_refsource_IDEFENSE |
| http://security.gentoo.org/glsa/glsa-200411-27.xml | vendor-advisoryx_refsource_GENTOO |
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
Date Public
2004-11-15 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T00:39:00.421Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20041115 Multiple Security Vulnerabilities in Fcron",
"tags": [
"third-party-advisory",
"x_refsource_IDEFENSE",
"x_transferred"
],
"url": "http://www.idefense.com/application/poi/display?id=157\u0026type=vulnerabilities\u0026flashstatus=false"
},
{
"name": "GLSA-200411-27",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://security.gentoo.org/glsa/glsa-200411-27.xml"
},
{
"name": "fcron-fcronsighup-create-files(18077)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18077"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2004-11-15T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "fcronsighup in Fcron 2.0.1, 2.9.4, and possibly earlier versions allows local users to delete arbitrary files or create arbitrary empty files via a target filename with a large number of leading slash (/) characters such that fcronsighup does not properly append the intended fcrontab.sig to the resulting string."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-10T14:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20041115 Multiple Security Vulnerabilities in Fcron",
"tags": [
"third-party-advisory",
"x_refsource_IDEFENSE"
],
"url": "http://www.idefense.com/application/poi/display?id=157\u0026type=vulnerabilities\u0026flashstatus=false"
},
{
"name": "GLSA-200411-27",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://security.gentoo.org/glsa/glsa-200411-27.xml"
},
{
"name": "fcron-fcronsighup-create-files(18077)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18077"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2004-1032",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "fcronsighup in Fcron 2.0.1, 2.9.4, and possibly earlier versions allows local users to delete arbitrary files or create arbitrary empty files via a target filename with a large number of leading slash (/) characters such that fcronsighup does not properly append the intended fcrontab.sig to the resulting string."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20041115 Multiple Security Vulnerabilities in Fcron",
"refsource": "IDEFENSE",
"url": "http://www.idefense.com/application/poi/display?id=157\u0026type=vulnerabilities\u0026flashstatus=false"
},
{
"name": "GLSA-200411-27",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-200411-27.xml"
},
{
"name": "fcron-fcronsighup-create-files(18077)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18077"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2004-1032",
"datePublished": "2004-11-24T05:00:00.000Z",
"dateReserved": "2004-11-12T00:00:00.000Z",
"dateUpdated": "2024-08-08T00:39:00.421Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2004-1031 (GCVE-0-2004-1031)
Vulnerability from nvd – Published: 2004-11-24 05:00 – Updated: 2024-08-08 00:39
VLAI
EPSS
VEX
Summary
fcronsighup in Fcron 2.0.1, 2.9.4, and possibly earlier versions allows local users to bypass access restrictions and load an arbitrary configuration file by starting an suid process and pointing the fcronsighup configuration file to a /proc entry that is owned by root but modifiable by the user, such as /proc/self/cmdline or /proc/self/environ.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
4 references
| URL | Tags |
|---|---|
| http://www.idefense.com/application/poi/display?i… | third-party-advisoryx_refsource_IDEFENSE |
| http://www.securityfocus.com/bid/11684 | vdb-entryx_refsource_BID |
| http://security.gentoo.org/glsa/glsa-200411-27.xml | vendor-advisoryx_refsource_GENTOO |
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
Date Public
2004-11-15 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T00:39:00.423Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20041115 Multiple Security Vulnerabilities in Fcron",
"tags": [
"third-party-advisory",
"x_refsource_IDEFENSE",
"x_transferred"
],
"url": "http://www.idefense.com/application/poi/display?id=157\u0026type=vulnerabilities\u0026flashstatus=false"
},
{
"name": "11684",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/11684"
},
{
"name": "GLSA-200411-27",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://security.gentoo.org/glsa/glsa-200411-27.xml"
},
{
"name": "fcron-fcronsighup-restrictions-bypass(18076)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18076"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2004-11-15T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "fcronsighup in Fcron 2.0.1, 2.9.4, and possibly earlier versions allows local users to bypass access restrictions and load an arbitrary configuration file by starting an suid process and pointing the fcronsighup configuration file to a /proc entry that is owned by root but modifiable by the user, such as /proc/self/cmdline or /proc/self/environ."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-10T14:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20041115 Multiple Security Vulnerabilities in Fcron",
"tags": [
"third-party-advisory",
"x_refsource_IDEFENSE"
],
"url": "http://www.idefense.com/application/poi/display?id=157\u0026type=vulnerabilities\u0026flashstatus=false"
},
{
"name": "11684",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/11684"
},
{
"name": "GLSA-200411-27",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://security.gentoo.org/glsa/glsa-200411-27.xml"
},
{
"name": "fcron-fcronsighup-restrictions-bypass(18076)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18076"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2004-1031",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "fcronsighup in Fcron 2.0.1, 2.9.4, and possibly earlier versions allows local users to bypass access restrictions and load an arbitrary configuration file by starting an suid process and pointing the fcronsighup configuration file to a /proc entry that is owned by root but modifiable by the user, such as /proc/self/cmdline or /proc/self/environ."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20041115 Multiple Security Vulnerabilities in Fcron",
"refsource": "IDEFENSE",
"url": "http://www.idefense.com/application/poi/display?id=157\u0026type=vulnerabilities\u0026flashstatus=false"
},
{
"name": "11684",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/11684"
},
{
"name": "GLSA-200411-27",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-200411-27.xml"
},
{
"name": "fcron-fcronsighup-restrictions-bypass(18076)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18076"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2004-1031",
"datePublished": "2004-11-24T05:00:00.000Z",
"dateReserved": "2004-11-12T00:00:00.000Z",
"dateUpdated": "2024-08-08T00:39:00.423Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2001-0685 (GCVE-0-2001-0685)
Vulnerability from nvd – Published: 2002-03-09 05:00 – Updated: 2024-08-08 04:30
VLAI
EPSS
VEX
Summary
Thibault Godouet FCron prior to 1.1.1 allows a local user to corrupt another user's crontab file via a symlink attack on the fcrontab temporary file.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
4 references
| URL | Tags |
|---|---|
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
| http://fcron.free.fr/CHANGES.html | x_refsource_CONFIRM |
| http://www.securityfocus.com/bid/2835 | vdb-entryx_refsource_BID |
| http://marc.info/?l=bugtraq&m=98339581702282&w=2 | mailing-listx_refsource_BUGTRAQ |
Date Public
2001-06-07 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T04:30:05.986Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "fcron-tmpfile-symlink(7127)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/7127"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://fcron.free.fr/CHANGES.html"
},
{
"name": "2835",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/2835"
},
{
"name": "20010228 fcron 0.9.5 is vulnerable to a symlink attack",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=98339581702282\u0026w=2"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2001-06-07T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Thibault Godouet FCron prior to 1.1.1 allows a local user to corrupt another user\u0027s crontab file via a symlink attack on the fcrontab temporary file."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2002-02-25T00:00:00.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "fcron-tmpfile-symlink(7127)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/7127"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://fcron.free.fr/CHANGES.html"
},
{
"name": "2835",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/2835"
},
{
"name": "20010228 fcron 0.9.5 is vulnerable to a symlink attack",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=98339581702282\u0026w=2"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2001-0685",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Thibault Godouet FCron prior to 1.1.1 allows a local user to corrupt another user\u0027s crontab file via a symlink attack on the fcrontab temporary file."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "fcron-tmpfile-symlink(7127)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/7127"
},
{
"name": "http://fcron.free.fr/CHANGES.html",
"refsource": "CONFIRM",
"url": "http://fcron.free.fr/CHANGES.html"
},
{
"name": "2835",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/2835"
},
{
"name": "20010228 fcron 0.9.5 is vulnerable to a symlink attack",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=98339581702282\u0026w=2"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2001-0685",
"datePublished": "2002-03-09T05:00:00.000Z",
"dateReserved": "2001-08-29T00:00:00.000Z",
"dateUpdated": "2024-08-08T04:30:05.986Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2010-0792 (GCVE-0-2010-0792)
Vulnerability from cvelistv5 – Published: 2010-03-05 19:00 – Updated: 2024-08-07 00:59
VLAI
EPSS
VEX
Summary
fcrontab in fcron before 3.0.5 allows local users to read arbitrary files via a symlink attack on an unspecified file.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
11 references
| URL | Tags |
|---|---|
| http://www.vupen.com/english/advisories/2010/0730 | vdb-entryx_refsource_VUPEN |
| http://secunia.com/advisories/39195 | third-party-advisoryx_refsource_SECUNIA |
| http://lists.fedoraproject.org/pipermail/package-… | vendor-advisoryx_refsource_FEDORA |
| http://www.securityfocus.com/archive/1/509873/100… | mailing-listx_refsource_BUGTRAQ |
| http://securitytracker.com/id?1023677 | vdb-entryx_refsource_SECTRACK |
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
| http://www.osvdb.org/62718 | vdb-entryx_refsource_OSVDB |
| http://fcron.free.fr/ | x_refsource_CONFIRM |
| http://seclists.org/fulldisclosure/2010/Mar/97 | mailing-listx_refsource_FULLDISC |
| http://secunia.com/advisories/38796 | third-party-advisoryx_refsource_SECUNIA |
| http://www.securityfocus.com/bid/38531 | vdb-entryx_refsource_BID |
Date Public
2010-03-03 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T00:59:39.311Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "ADV-2010-0730",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2010/0730"
},
{
"name": "39195",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/39195"
},
{
"name": "FEDORA-2010-4063",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-March/038150.html"
},
{
"name": "20100304 fcrontab Information Disclosure Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/509873/100/0/threaded"
},
{
"name": "1023677",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1023677"
},
{
"name": "fcron-fcrontab-symlink(56680)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/56680"
},
{
"name": "62718",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/62718"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://fcron.free.fr/"
},
{
"name": "20100303 fcrontab Information Disclosure Vulnerability",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2010/Mar/97"
},
{
"name": "38796",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/38796"
},
{
"name": "38531",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/38531"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2010-03-03T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "fcrontab in fcron before 3.0.5 allows local users to read arbitrary files via a symlink attack on an unspecified file."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-10T18:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "ADV-2010-0730",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2010/0730"
},
{
"name": "39195",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/39195"
},
{
"name": "FEDORA-2010-4063",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-March/038150.html"
},
{
"name": "20100304 fcrontab Information Disclosure Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/509873/100/0/threaded"
},
{
"name": "1023677",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1023677"
},
{
"name": "fcron-fcrontab-symlink(56680)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/56680"
},
{
"name": "62718",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/62718"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://fcron.free.fr/"
},
{
"name": "20100303 fcrontab Information Disclosure Vulnerability",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://seclists.org/fulldisclosure/2010/Mar/97"
},
{
"name": "38796",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/38796"
},
{
"name": "38531",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/38531"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2010-0792",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "fcrontab in fcron before 3.0.5 allows local users to read arbitrary files via a symlink attack on an unspecified file."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "ADV-2010-0730",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2010/0730"
},
{
"name": "39195",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/39195"
},
{
"name": "FEDORA-2010-4063",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-March/038150.html"
},
{
"name": "20100304 fcrontab Information Disclosure Vulnerability",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/509873/100/0/threaded"
},
{
"name": "1023677",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1023677"
},
{
"name": "fcron-fcrontab-symlink(56680)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/56680"
},
{
"name": "62718",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/62718"
},
{
"name": "http://fcron.free.fr/",
"refsource": "CONFIRM",
"url": "http://fcron.free.fr/"
},
{
"name": "20100303 fcrontab Information Disclosure Vulnerability",
"refsource": "FULLDISC",
"url": "http://seclists.org/fulldisclosure/2010/Mar/97"
},
{
"name": "38796",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/38796"
},
{
"name": "38531",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/38531"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2010-0792",
"datePublished": "2010-03-05T19:00:00.000Z",
"dateReserved": "2010-03-02T00:00:00.000Z",
"dateUpdated": "2024-08-07T00:59:39.311Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2006-0575 (GCVE-0-2006-0575)
Vulnerability from cvelistv5 – Published: 2006-02-07 20:00 – Updated: 2024-08-07 16:41
VLAI
EPSS
VEX
Summary
convert-fcrontab in Fcron 2.9.5 and 3.0.0 allows remote attackers to create or overwrite arbitrary files via ".." sequences and a symlink attack on the temporary file that is used during conversion.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
7 references
| URL | Tags |
|---|---|
| http://www.osvdb.org/22905 | vdb-entryx_refsource_OSVDB |
| http://www.securityfocus.com/bid/25693 | vdb-entryx_refsource_BID |
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
| http://www.trustix.org/errata/2006/0006 | vendor-advisoryx_refsource_TRUSTIX |
| http://www.vupen.com/english/advisories/2006/0435 | vdb-entryx_refsource_VUPEN |
| http://secunia.com/advisories/18719 | third-party-advisoryx_refsource_SECUNIA |
| http://marc.info/?l=full-disclosure&m=11389073460… | mailing-listx_refsource_FULLDISC |
Date Public
2006-02-02 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T16:41:28.461Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "22905",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/22905"
},
{
"name": "25693",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/25693"
},
{
"name": "fcron-dotdot-directory-traversal(24504)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24504"
},
{
"name": "2006-0006",
"tags": [
"vendor-advisory",
"x_refsource_TRUSTIX",
"x_transferred"
],
"url": "http://www.trustix.org/errata/2006/0006"
},
{
"name": "ADV-2006-0435",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2006/0435"
},
{
"name": "18719",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18719"
},
{
"name": "20060202 Re: Fcrontab - memory corruption on heap.",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://marc.info/?l=full-disclosure\u0026m=113890734603201\u0026w=2"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2006-02-02T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "convert-fcrontab in Fcron 2.9.5 and 3.0.0 allows remote attackers to create or overwrite arbitrary files via \"..\" sequences and a symlink attack on the temporary file that is used during conversion."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-19T15:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "22905",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/22905"
},
{
"name": "25693",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/25693"
},
{
"name": "fcron-dotdot-directory-traversal(24504)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24504"
},
{
"name": "2006-0006",
"tags": [
"vendor-advisory",
"x_refsource_TRUSTIX"
],
"url": "http://www.trustix.org/errata/2006/0006"
},
{
"name": "ADV-2006-0435",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2006/0435"
},
{
"name": "18719",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18719"
},
{
"name": "20060202 Re: Fcrontab - memory corruption on heap.",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://marc.info/?l=full-disclosure\u0026m=113890734603201\u0026w=2"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-0575",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "convert-fcrontab in Fcron 2.9.5 and 3.0.0 allows remote attackers to create or overwrite arbitrary files via \"..\" sequences and a symlink attack on the temporary file that is used during conversion."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "22905",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/22905"
},
{
"name": "25693",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/25693"
},
{
"name": "fcron-dotdot-directory-traversal(24504)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24504"
},
{
"name": "2006-0006",
"refsource": "TRUSTIX",
"url": "http://www.trustix.org/errata/2006/0006"
},
{
"name": "ADV-2006-0435",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/0435"
},
{
"name": "18719",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/18719"
},
{
"name": "20060202 Re: Fcrontab - memory corruption on heap.",
"refsource": "FULLDISC",
"url": "http://marc.info/?l=full-disclosure\u0026m=113890734603201\u0026w=2"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2006-0575",
"datePublished": "2006-02-07T20:00:00.000Z",
"dateReserved": "2006-02-07T00:00:00.000Z",
"dateUpdated": "2024-08-07T16:41:28.461Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2006-0539 (GCVE-0-2006-0539)
Vulnerability from cvelistv5 – Published: 2006-02-04 02:00 – Updated: 2024-08-07 16:41
VLAI
EPSS
VEX
Summary
The convert-fcrontab program in fcron 3.0.0 might allow local users to gain privileges via a long command-line argument, which causes Linux glibc to report heap memory corruption, possibly because a strcpy in the strdup2 function can "overwrite some data."
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
10 references
| URL | Tags |
|---|---|
| http://www.securityfocus.com/archive/1/423697/100… | mailing-listx_refsource_BUGTRAQ |
| http://fcron.free.fr/news.php#a20060206a.xml | x_refsource_CONFIRM |
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
| http://archives.neohapsis.com/archives/fulldisclo… | mailing-listx_refsource_FULLDISC |
| http://www.vupen.com/english/advisories/2006/0435 | vdb-entryx_refsource_VUPEN |
| http://www.trustix.org/errata/2006/0036 | vendor-advisoryx_refsource_TRUSTIX |
| http://secunia.com/advisories/18719 | third-party-advisoryx_refsource_SECUNIA |
| http://www.securityfocus.com/bid/16467 | vdb-entryx_refsource_BID |
| https://bugs.trustix.org/show_bug.cgi?id=1754 | x_refsource_CONFIRM |
| http://fcron.free.fr/doc/en/changes.html | x_refsource_CONFIRM |
Date Public
2006-02-01 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T16:41:28.583Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20060201 Fcrontab - memory corruption on heap.",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/423697/100/0/threaded"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://fcron.free.fr/news.php#a20060206a.xml"
},
{
"name": "fcron-syslog-bo(24444)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24444"
},
{
"name": "20060201 Fcrontab - memory corruption on heap.",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2006-01/0999.html"
},
{
"name": "ADV-2006-0435",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2006/0435"
},
{
"name": "2006-0036",
"tags": [
"vendor-advisory",
"x_refsource_TRUSTIX",
"x_transferred"
],
"url": "http://www.trustix.org/errata/2006/0036"
},
{
"name": "18719",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18719"
},
{
"name": "16467",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/16467"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugs.trustix.org/show_bug.cgi?id=1754"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://fcron.free.fr/doc/en/changes.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2006-02-01T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "The convert-fcrontab program in fcron 3.0.0 might allow local users to gain privileges via a long command-line argument, which causes Linux glibc to report heap memory corruption, possibly because a strcpy in the strdup2 function can \"overwrite some data.\""
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-19T14:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20060201 Fcrontab - memory corruption on heap.",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/423697/100/0/threaded"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://fcron.free.fr/news.php#a20060206a.xml"
},
{
"name": "fcron-syslog-bo(24444)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24444"
},
{
"name": "20060201 Fcrontab - memory corruption on heap.",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2006-01/0999.html"
},
{
"name": "ADV-2006-0435",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2006/0435"
},
{
"name": "2006-0036",
"tags": [
"vendor-advisory",
"x_refsource_TRUSTIX"
],
"url": "http://www.trustix.org/errata/2006/0036"
},
{
"name": "18719",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18719"
},
{
"name": "16467",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/16467"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugs.trustix.org/show_bug.cgi?id=1754"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://fcron.free.fr/doc/en/changes.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-0539",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The convert-fcrontab program in fcron 3.0.0 might allow local users to gain privileges via a long command-line argument, which causes Linux glibc to report heap memory corruption, possibly because a strcpy in the strdup2 function can \"overwrite some data.\""
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20060201 Fcrontab - memory corruption on heap.",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/423697/100/0/threaded"
},
{
"name": "http://fcron.free.fr/news.php#a20060206a.xml",
"refsource": "CONFIRM",
"url": "http://fcron.free.fr/news.php#a20060206a.xml"
},
{
"name": "fcron-syslog-bo(24444)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24444"
},
{
"name": "20060201 Fcrontab - memory corruption on heap.",
"refsource": "FULLDISC",
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2006-01/0999.html"
},
{
"name": "ADV-2006-0435",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/0435"
},
{
"name": "2006-0036",
"refsource": "TRUSTIX",
"url": "http://www.trustix.org/errata/2006/0036"
},
{
"name": "18719",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/18719"
},
{
"name": "16467",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/16467"
},
{
"name": "https://bugs.trustix.org/show_bug.cgi?id=1754",
"refsource": "CONFIRM",
"url": "https://bugs.trustix.org/show_bug.cgi?id=1754"
},
{
"name": "http://fcron.free.fr/doc/en/changes.html",
"refsource": "CONFIRM",
"url": "http://fcron.free.fr/doc/en/changes.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2006-0539",
"datePublished": "2006-02-04T02:00:00.000Z",
"dateReserved": "2006-02-04T00:00:00.000Z",
"dateUpdated": "2024-08-07T16:41:28.583Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2004-1030 (GCVE-0-2004-1030)
Vulnerability from cvelistv5 – Published: 2004-11-24 05:00 – Updated: 2024-08-08 00:39
VLAI
EPSS
VEX
Summary
fcronsighup in Fcron 2.0.1, 2.9.4, and possibly earlier versions allows local users to gain sensitive information by calling fcronsighup with an arbitrary file, which reveals the contents of the file that can not be parsed in an error message.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
4 references
| URL | Tags |
|---|---|
| http://www.idefense.com/application/poi/display?i… | third-party-advisoryx_refsource_IDEFENSE |
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
| http://www.securityfocus.com/bid/11684 | vdb-entryx_refsource_BID |
| http://security.gentoo.org/glsa/glsa-200411-27.xml | vendor-advisoryx_refsource_GENTOO |
Date Public
2004-11-15 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T00:39:00.462Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20041115 Multiple Security Vulnerabilities in Fcron",
"tags": [
"third-party-advisory",
"x_refsource_IDEFENSE",
"x_transferred"
],
"url": "http://www.idefense.com/application/poi/display?id=157\u0026type=vulnerabilities\u0026flashstatus=false"
},
{
"name": "fcron-fcronsighup-obtain-info(18075)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18075"
},
{
"name": "11684",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/11684"
},
{
"name": "GLSA-200411-27",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://security.gentoo.org/glsa/glsa-200411-27.xml"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2004-11-15T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "fcronsighup in Fcron 2.0.1, 2.9.4, and possibly earlier versions allows local users to gain sensitive information by calling fcronsighup with an arbitrary file, which reveals the contents of the file that can not be parsed in an error message."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-10T14:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20041115 Multiple Security Vulnerabilities in Fcron",
"tags": [
"third-party-advisory",
"x_refsource_IDEFENSE"
],
"url": "http://www.idefense.com/application/poi/display?id=157\u0026type=vulnerabilities\u0026flashstatus=false"
},
{
"name": "fcron-fcronsighup-obtain-info(18075)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18075"
},
{
"name": "11684",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/11684"
},
{
"name": "GLSA-200411-27",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://security.gentoo.org/glsa/glsa-200411-27.xml"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2004-1030",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "fcronsighup in Fcron 2.0.1, 2.9.4, and possibly earlier versions allows local users to gain sensitive information by calling fcronsighup with an arbitrary file, which reveals the contents of the file that can not be parsed in an error message."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20041115 Multiple Security Vulnerabilities in Fcron",
"refsource": "IDEFENSE",
"url": "http://www.idefense.com/application/poi/display?id=157\u0026type=vulnerabilities\u0026flashstatus=false"
},
{
"name": "fcron-fcronsighup-obtain-info(18075)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18075"
},
{
"name": "11684",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/11684"
},
{
"name": "GLSA-200411-27",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-200411-27.xml"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2004-1030",
"datePublished": "2004-11-24T05:00:00.000Z",
"dateReserved": "2004-11-12T00:00:00.000Z",
"dateUpdated": "2024-08-08T00:39:00.462Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2004-1033 (GCVE-0-2004-1033)
Vulnerability from cvelistv5 – Published: 2004-11-24 05:00 – Updated: 2024-08-08 00:39
VLAI
EPSS
VEX
Summary
Fcron 2.0.1, 2.9.4, and possibly earlier versions leak file descriptors of open files, which allows local users to bypass access restrictions and read fcron.allow and fcron.deny via the EDITOR environment variable.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
4 references
| URL | Tags |
|---|---|
| http://www.idefense.com/application/poi/display?i… | third-party-advisoryx_refsource_IDEFENSE |
| http://www.securityfocus.com/bid/11684 | vdb-entryx_refsource_BID |
| http://security.gentoo.org/glsa/glsa-200411-27.xml | vendor-advisoryx_refsource_GENTOO |
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
Date Public
2004-11-15 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T00:39:00.608Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20041115 Multiple Security Vulnerabilities in Fcron",
"tags": [
"third-party-advisory",
"x_refsource_IDEFENSE",
"x_transferred"
],
"url": "http://www.idefense.com/application/poi/display?id=157\u0026type=vulnerabilities\u0026flashstatus=false"
},
{
"name": "11684",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/11684"
},
{
"name": "GLSA-200411-27",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://security.gentoo.org/glsa/glsa-200411-27.xml"
},
{
"name": "fcron-fcrontab-obtain-info(18078)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18078"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2004-11-15T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Fcron 2.0.1, 2.9.4, and possibly earlier versions leak file descriptors of open files, which allows local users to bypass access restrictions and read fcron.allow and fcron.deny via the EDITOR environment variable."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-10T14:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20041115 Multiple Security Vulnerabilities in Fcron",
"tags": [
"third-party-advisory",
"x_refsource_IDEFENSE"
],
"url": "http://www.idefense.com/application/poi/display?id=157\u0026type=vulnerabilities\u0026flashstatus=false"
},
{
"name": "11684",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/11684"
},
{
"name": "GLSA-200411-27",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://security.gentoo.org/glsa/glsa-200411-27.xml"
},
{
"name": "fcron-fcrontab-obtain-info(18078)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18078"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2004-1033",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Fcron 2.0.1, 2.9.4, and possibly earlier versions leak file descriptors of open files, which allows local users to bypass access restrictions and read fcron.allow and fcron.deny via the EDITOR environment variable."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20041115 Multiple Security Vulnerabilities in Fcron",
"refsource": "IDEFENSE",
"url": "http://www.idefense.com/application/poi/display?id=157\u0026type=vulnerabilities\u0026flashstatus=false"
},
{
"name": "11684",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/11684"
},
{
"name": "GLSA-200411-27",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-200411-27.xml"
},
{
"name": "fcron-fcrontab-obtain-info(18078)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18078"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2004-1033",
"datePublished": "2004-11-24T05:00:00.000Z",
"dateReserved": "2004-11-12T00:00:00.000Z",
"dateUpdated": "2024-08-08T00:39:00.608Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2004-1032 (GCVE-0-2004-1032)
Vulnerability from cvelistv5 – Published: 2004-11-24 05:00 – Updated: 2024-08-08 00:39
VLAI
EPSS
VEX
Summary
fcronsighup in Fcron 2.0.1, 2.9.4, and possibly earlier versions allows local users to delete arbitrary files or create arbitrary empty files via a target filename with a large number of leading slash (/) characters such that fcronsighup does not properly append the intended fcrontab.sig to the resulting string.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
3 references
| URL | Tags |
|---|---|
| http://www.idefense.com/application/poi/display?i… | third-party-advisoryx_refsource_IDEFENSE |
| http://security.gentoo.org/glsa/glsa-200411-27.xml | vendor-advisoryx_refsource_GENTOO |
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
Date Public
2004-11-15 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T00:39:00.421Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20041115 Multiple Security Vulnerabilities in Fcron",
"tags": [
"third-party-advisory",
"x_refsource_IDEFENSE",
"x_transferred"
],
"url": "http://www.idefense.com/application/poi/display?id=157\u0026type=vulnerabilities\u0026flashstatus=false"
},
{
"name": "GLSA-200411-27",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://security.gentoo.org/glsa/glsa-200411-27.xml"
},
{
"name": "fcron-fcronsighup-create-files(18077)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18077"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2004-11-15T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "fcronsighup in Fcron 2.0.1, 2.9.4, and possibly earlier versions allows local users to delete arbitrary files or create arbitrary empty files via a target filename with a large number of leading slash (/) characters such that fcronsighup does not properly append the intended fcrontab.sig to the resulting string."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-10T14:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20041115 Multiple Security Vulnerabilities in Fcron",
"tags": [
"third-party-advisory",
"x_refsource_IDEFENSE"
],
"url": "http://www.idefense.com/application/poi/display?id=157\u0026type=vulnerabilities\u0026flashstatus=false"
},
{
"name": "GLSA-200411-27",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://security.gentoo.org/glsa/glsa-200411-27.xml"
},
{
"name": "fcron-fcronsighup-create-files(18077)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18077"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2004-1032",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "fcronsighup in Fcron 2.0.1, 2.9.4, and possibly earlier versions allows local users to delete arbitrary files or create arbitrary empty files via a target filename with a large number of leading slash (/) characters such that fcronsighup does not properly append the intended fcrontab.sig to the resulting string."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20041115 Multiple Security Vulnerabilities in Fcron",
"refsource": "IDEFENSE",
"url": "http://www.idefense.com/application/poi/display?id=157\u0026type=vulnerabilities\u0026flashstatus=false"
},
{
"name": "GLSA-200411-27",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-200411-27.xml"
},
{
"name": "fcron-fcronsighup-create-files(18077)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18077"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2004-1032",
"datePublished": "2004-11-24T05:00:00.000Z",
"dateReserved": "2004-11-12T00:00:00.000Z",
"dateUpdated": "2024-08-08T00:39:00.421Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2004-1031 (GCVE-0-2004-1031)
Vulnerability from cvelistv5 – Published: 2004-11-24 05:00 – Updated: 2024-08-08 00:39
VLAI
EPSS
VEX
Summary
fcronsighup in Fcron 2.0.1, 2.9.4, and possibly earlier versions allows local users to bypass access restrictions and load an arbitrary configuration file by starting an suid process and pointing the fcronsighup configuration file to a /proc entry that is owned by root but modifiable by the user, such as /proc/self/cmdline or /proc/self/environ.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
4 references
| URL | Tags |
|---|---|
| http://www.idefense.com/application/poi/display?i… | third-party-advisoryx_refsource_IDEFENSE |
| http://www.securityfocus.com/bid/11684 | vdb-entryx_refsource_BID |
| http://security.gentoo.org/glsa/glsa-200411-27.xml | vendor-advisoryx_refsource_GENTOO |
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
Date Public
2004-11-15 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T00:39:00.423Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20041115 Multiple Security Vulnerabilities in Fcron",
"tags": [
"third-party-advisory",
"x_refsource_IDEFENSE",
"x_transferred"
],
"url": "http://www.idefense.com/application/poi/display?id=157\u0026type=vulnerabilities\u0026flashstatus=false"
},
{
"name": "11684",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/11684"
},
{
"name": "GLSA-200411-27",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://security.gentoo.org/glsa/glsa-200411-27.xml"
},
{
"name": "fcron-fcronsighup-restrictions-bypass(18076)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18076"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2004-11-15T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "fcronsighup in Fcron 2.0.1, 2.9.4, and possibly earlier versions allows local users to bypass access restrictions and load an arbitrary configuration file by starting an suid process and pointing the fcronsighup configuration file to a /proc entry that is owned by root but modifiable by the user, such as /proc/self/cmdline or /proc/self/environ."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-10T14:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20041115 Multiple Security Vulnerabilities in Fcron",
"tags": [
"third-party-advisory",
"x_refsource_IDEFENSE"
],
"url": "http://www.idefense.com/application/poi/display?id=157\u0026type=vulnerabilities\u0026flashstatus=false"
},
{
"name": "11684",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/11684"
},
{
"name": "GLSA-200411-27",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://security.gentoo.org/glsa/glsa-200411-27.xml"
},
{
"name": "fcron-fcronsighup-restrictions-bypass(18076)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18076"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2004-1031",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "fcronsighup in Fcron 2.0.1, 2.9.4, and possibly earlier versions allows local users to bypass access restrictions and load an arbitrary configuration file by starting an suid process and pointing the fcronsighup configuration file to a /proc entry that is owned by root but modifiable by the user, such as /proc/self/cmdline or /proc/self/environ."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20041115 Multiple Security Vulnerabilities in Fcron",
"refsource": "IDEFENSE",
"url": "http://www.idefense.com/application/poi/display?id=157\u0026type=vulnerabilities\u0026flashstatus=false"
},
{
"name": "11684",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/11684"
},
{
"name": "GLSA-200411-27",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-200411-27.xml"
},
{
"name": "fcron-fcronsighup-restrictions-bypass(18076)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18076"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2004-1031",
"datePublished": "2004-11-24T05:00:00.000Z",
"dateReserved": "2004-11-12T00:00:00.000Z",
"dateUpdated": "2024-08-08T00:39:00.423Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2001-0685 (GCVE-0-2001-0685)
Vulnerability from cvelistv5 – Published: 2002-03-09 05:00 – Updated: 2024-08-08 04:30
VLAI
EPSS
VEX
Summary
Thibault Godouet FCron prior to 1.1.1 allows a local user to corrupt another user's crontab file via a symlink attack on the fcrontab temporary file.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
4 references
| URL | Tags |
|---|---|
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
| http://fcron.free.fr/CHANGES.html | x_refsource_CONFIRM |
| http://www.securityfocus.com/bid/2835 | vdb-entryx_refsource_BID |
| http://marc.info/?l=bugtraq&m=98339581702282&w=2 | mailing-listx_refsource_BUGTRAQ |
Date Public
2001-06-07 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T04:30:05.986Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "fcron-tmpfile-symlink(7127)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/7127"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://fcron.free.fr/CHANGES.html"
},
{
"name": "2835",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/2835"
},
{
"name": "20010228 fcron 0.9.5 is vulnerable to a symlink attack",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=98339581702282\u0026w=2"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2001-06-07T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Thibault Godouet FCron prior to 1.1.1 allows a local user to corrupt another user\u0027s crontab file via a symlink attack on the fcrontab temporary file."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2002-02-25T00:00:00.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "fcron-tmpfile-symlink(7127)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/7127"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://fcron.free.fr/CHANGES.html"
},
{
"name": "2835",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/2835"
},
{
"name": "20010228 fcron 0.9.5 is vulnerable to a symlink attack",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=98339581702282\u0026w=2"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2001-0685",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Thibault Godouet FCron prior to 1.1.1 allows a local user to corrupt another user\u0027s crontab file via a symlink attack on the fcrontab temporary file."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "fcron-tmpfile-symlink(7127)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/7127"
},
{
"name": "http://fcron.free.fr/CHANGES.html",
"refsource": "CONFIRM",
"url": "http://fcron.free.fr/CHANGES.html"
},
{
"name": "2835",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/2835"
},
{
"name": "20010228 fcron 0.9.5 is vulnerable to a symlink attack",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=98339581702282\u0026w=2"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2001-0685",
"datePublished": "2002-03-09T05:00:00.000Z",
"dateReserved": "2001-08-29T00:00:00.000Z",
"dateUpdated": "2024-08-08T04:30:05.986Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}