CVE-2004-1033

Fcron 2.0.1, 2.9.4, and possibly earlier versions leak file descriptors of open files, which allows local users to bypass access restrictions and read fcron.allow and fcron.deny via the EDITOR environment variable.

Published: Mar 1, 2005
Updated: Apr 13, 2023
CVE: CVE-2004-1033
Severity: Low
Exploit:

CVSS v2:

Severity: Low
Score: 2.1
AV:L/AC:L/Au:N/C:P/I:N/A:N

No CWE or OWASP classifications available.

Affected Software
References

Software	From	Fixed in
thibault_godouet / fcron	2.9.4	2.9.4.x
thibault_godouet / fcron	2.0.1	2.0.1.x
gentoo / linux	-	-

http://security.gentoo.org/glsa/glsa-200411-27.xml
http://www.idefense.com/application/poi/display?id=157&type=vulnerabilities&flashstatus=false
http://www.securityfocus.com/bid/11684
https://exchange.xforce.ibmcloud.com/vulnerabilities/18078

Vulnerability Database

289,599

CVE-2004-1033