Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2011-1074

Overview

Vulnerability Score 1.9 1.9
CVE Id CVE-2011-1074
Last Modified 21 Sep 2011 11:29:29
Published 04 Mar 2011 06:00:01
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact NONE NONE
Availability Impact NONE NONE
Access Vector LOCAL
Access Complexity MEDIUM
Authentication NONE

CVE-2011-1074

Summary

crontab.c in crontab in FreeBSD allows local users to determine the existence of arbitrary directories via a command-line argument composed of a directory name concatenated with a directory traversal sequence that leads to the /etc/crontab pathname.

Vulnerable Systems

Operating System

  • Freebsd


References

XF - freebsd-statcalls-info-disc(65900)

BID - 46604

BUGTRAQ - 20110228 FreeBSD crontab information leakage

SREASON - 8117

MLIST - [oss-security] 20110228 CVE request: FreeBSD/OS X crontab information leakage

MLIST - [oss-security] 20110228 Re: CVE request: FreeBSD/OS X crontab information leakage


Last Updated: 27 May 2016 10:56:08