CVE-2004-1030
Fcron 2.0.1 and 2.9.4 - Information Disclosure via fcronsighup Error Message
Title source: llmDescription
fcronsighup in Fcron 2.0.1, 2.9.4, and possibly earlier versions allows local users to gain sensitive information by calling fcronsighup with an arbitrary file, which reveals the contents of the file that can not be parsed in an error message.
References (4)
Core 4
Core References
Various Sources third-party-advisory
x_refsource_idefense
http://www.idefense.com/application/poi/display?id=157&type=vulnerabilities&flashstatus=false
Third Party Advisory, VDB Entry vdb-entry
x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/18075
Patch, Vendor Advisory vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/11684
Third Party Advisory vendor-advisory
x_refsource_gentoo
http://security.gentoo.org/glsa/glsa-200411-27.xml
Scores
EPSS
0.0007
EPSS Percentile
21.7%
Details
Status
published
Products (3)
gentoo/linux
thibault_godouet/fcron
2.0.1
thibault_godouet/fcron
2.9.4
Published
Mar 01, 2005
Tracked Since
Feb 18, 2026