Fcron 2.0.1, 2.9.4, and possibly earlier versions leak file descriptors of open files, which allows local users to bypass access restrictions and read fcron.allow and fcron.deny via the EDITOR environment variable.
References
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2004-11-24T05:00:00
Updated: 2017-07-10T14:57:01
Reserved: 2004-11-12T00:00:00
Link: CVE-2004-1033
JSON object: View
NVD Information
Status : Modified
Published: 2005-03-01T05:00:00.000
Modified: 2017-07-11T01:30:40.700
Link: CVE-2004-1033
JSON object: View
Redhat Information
No data.
CWE