| Vulnerability Name: | CVE-2004-1033 (CCN-18078) | ||||||||
| Assigned: | 2004-11-15 | ||||||||
| Published: | 2004-11-15 | ||||||||
| Updated: | 2017-07-11 | ||||||||
| Summary: | Fcron 2.0.1, 2.9.4, and possibly earlier versions leak file descriptors of open files, which allows local users to bypass access restrictions and read fcron.allow and fcron.deny via the EDITOR environment variable. | ||||||||
| CVSS v3 Severity: | 4.0 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)
| ||||||||
| CVSS v2 Severity: | 2.1 Low (CVSS v2 Vector: AV:L/AC:L/Au:N/C:P/I:N/A:N)
| ||||||||
| Vulnerability Type: | CWE-Other | ||||||||
| Vulnerability Consequences: | Obtain Information | ||||||||
| References: | Source: MITRE Type: CNA CVE-2004-1033 Source: CCN Type: Fcron Web site Welcome to Fcron's home page ! Source: GENTOO Type: UNKNOWN GLSA-200411-27 Source: CCN Type: GLSA-200411-27 Fcron: Multiple vulnerabilities Source: IDEFENSE Type: UNKNOWN 20041115 Multiple Security Vulnerabilities in Fcron Source: CCN Type: iDEFENSE Security Advisory 11.15.04 Multiple Security Vulnerabilities in Fcron Source: CCN Type: OSVDB ID: 11837 Fcron fcrontab File Descriptor Leak Content Disclosure Source: BID Type: Patch, Vendor Advisory 11684 Source: CCN Type: BID-11684 Fcron FCronTab/FCronSighUp Multiple Local Vulnerabilities Source: XF Type: UNKNOWN fcron-fcrontab-obtain-info(18078) Source: XF Type: UNKNOWN fcron-fcrontab-obtain-info(18078) | ||||||||
| Vulnerable Configuration: | Configuration 1: Configuration 2: Configuration CCN 1:  Denotes that component is vulnerable | ||||||||
| BACK | |||||||||