cbcvebase.

Thibault Godouet Fcron vulnerabilities

8 known vulnerabilities affecting thibault_godouet/fcron.

Total CVEs
8
CISA KEV
0
Public exploits
2
Exploited in wild
0
Severity breakdown
HIGH1MEDIUM2LOW5

Vulnerabilities

Page 1 of 1
CVE-2006-0539P4MEDIUMCVSS 4.6PoCv3.0.02006-02-04
CVE-2006-0539 [MEDIUM] CVE-2006-0539: The convert-fcrontab program in fcron 3.0.0 might allow local users to gain privileges via a long co The convert-fcrontab program in fcron 3.0.0 might allow local users to gain privileges via a long command-line argument, which causes Linux glibc to report heap memory corruption, possibly because a strcpy in the strdup2 function can "overwrite some data."
nvd
CVE-2001-0685P4LOWCVSS 2.6PoCv1.0v1.0.1+3 more2001-09-20
CVE-2001-0685 [LOW] CVE-2001-0685: Thibault Godouet FCron prior to 1.1.1 allows a local user to corrupt another user's crontab file via Thibault Godouet FCron prior to 1.1.1 allows a local user to corrupt another user's crontab file via a symlink attack on the fcrontab temporary file.
nvd
CVE-2006-0575P4MEDIUMCVSS 5.0v2.9.5v3.0.02006-02-07
CVE-2006-0575 [MEDIUM] CVE-2006-0575: convert-fcrontab in Fcron 2.9.5 and 3.0.0 allows remote attackers to create or overwrite arbitrary f convert-fcrontab in Fcron 2.9.5 and 3.0.0 allows remote attackers to create or overwrite arbitrary files via ".." sequences and a symlink attack on the temporary file that is used during conversion.
nvd
CVE-2004-1031P4HIGHCVSS 7.2v2.0.1v2.9.42005-03-01
CVE-2004-1031 [HIGH] CVE-2004-1031: fcronsighup in Fcron 2.0.1, 2.9.4, and possibly earlier versions allows local users to bypass access fcronsighup in Fcron 2.0.1, 2.9.4, and possibly earlier versions allows local users to bypass access restrictions and load an arbitrary configuration file by starting an suid process and pointing the fcronsighup configuration file to a /proc entry that is owned by root but modifiable by the user, such as /proc/self/cmdline or /proc/self/environ.
nvd
CVE-2004-1032P4LOWCVSS 2.1v2.0.1v2.9.42005-03-01
CVE-2004-1032 [LOW] CVE-2004-1032: fcronsighup in Fcron 2.0.1, 2.9.4, and possibly earlier versions allows local users to delete arbitr fcronsighup in Fcron 2.0.1, 2.9.4, and possibly earlier versions allows local users to delete arbitrary files or create arbitrary empty files via a target filename with a large number of leading slash (/) characters such that fcronsighup does not properly append the intended fcrontab.sig to the resulting string.
nvd
CVE-2004-1033P4LOWCVSS 2.1v2.0.1v2.9.42005-03-01
CVE-2004-1033 [LOW] CVE-2004-1033: Fcron 2.0.1, 2.9.4, and possibly earlier versions leak file descriptors of open files, which allows Fcron 2.0.1, 2.9.4, and possibly earlier versions leak file descriptors of open files, which allows local users to bypass access restrictions and read fcron.allow and fcron.deny via the EDITOR environment variable.
nvd
CVE-2004-1030P4LOWCVSS 2.1v2.0.1v2.9.42005-03-01
CVE-2004-1030 [LOW] CVE-2004-1030: fcronsighup in Fcron 2.0.1, 2.9.4, and possibly earlier versions allows local users to gain sensitiv fcronsighup in Fcron 2.0.1, 2.9.4, and possibly earlier versions allows local users to gain sensitive information by calling fcronsighup with an arbitrary file, which reveals the contents of the file that can not be parsed in an error message.
nvd
CVE-2010-0792P4LOWCVSS 1.9≤ 3.0.4v0.8.0+31 more2010-03-05
CVE-2010-0792 [LOW] CWE-59 CVE-2010-0792: fcrontab in fcron before 3.0.5 allows local users to read arbitrary files via a symlink attack on an fcrontab in fcron before 3.0.5 allows local users to read arbitrary files via a symlink attack on an unspecified file.
nvd
Thibault Godouet Fcron vulnerabilities | cvebase