Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2006-0539

Overview

Vulnerability Score 4.6 4.6
CVE Id CVE-2006-0539
Last Modified 07 Mar 2011 09:30:16
Published 03 Feb 2006 09:02:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector LOCAL
Access Complexity LOW
Authentication NONE

CVE-2006-0539

Summary

The convert-fcrontab program in fcron 3.0.0 might allow local users to gain privileges via a long command-line argument, which causes Linux glibc to report heap memory corruption, possibly because a strcpy in the strdup2 function can "overwrite some data."

Vulnerable Systems

Application

  • Thibault Godouet Fcron 3.0.0


References

VUPEN - ADV-2006-0435

BID - 16467

BUGTRAQ - 20060201 Fcrontab - memory corruption on heap.

SECUNIA - 18719

CONFIRM - https://bugs.trustix.org/show_bug.cgi?id=1754

XF - fcron-syslog-bo(24444)

TRUSTIX - 2006-0036

CONFIRM - http://fcron.free.fr/news.php#a20060206a.xml

CONFIRM - http://fcron.free.fr/doc/en/changes.html


Last Updated: 27 May 2016 10:41:42