Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2001-0685

Overview

Vulnerability Score 2.6 2.6
CVE Id CVE-2001-0685
Last Modified 05 Sep 2008 04:24:41
Published 20 Sep 2001 12:00:00
Confidentiality Impact NONE NONE
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector LOCAL
Access Complexity HIGH
Authentication NONE

CVE-2001-0685

Summary

Thibault Godouet FCron prior to 1.1.1 allows a local user to corrupt another user's crontab file via a symlink attack on the fcrontab temporary file.

Vulnerable Systems

Application

  • Thibault Godouet Fcron 1.0

  • Thibault Godouet Fcron 1.0.1

  • Thibault Godouet Fcron 1.0.2

  • Thibault Godouet Fcron 1.0.3

  • Thibault Godouet Fcron 1.1.0


References

BID - 2835

BUGTRAQ - 20010228 fcron 0.9.5 is vulnerable to a symlink attack

CONFIRM - http://fcron.free.fr/CHANGES.html

XF - fcron-tmpfile-symlink(7127)


Last Updated: 27 May 2016 10:36:21