CVE-2006-0539

fcron 3.0.0 - Local Privilege Escalation via Long Command-Line Argument

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2006-0539. PoCs published by Adam Zabrocki.

AI-analyzed exploit summary The provided text describes a retired local buffer-overflow vulnerability in Fcron 3.0, which was initially believed to allow arbitrary code execution with superuser privileges. However, further analysis determined it was not exploitable for code execution.

Description

The convert-fcrontab program in fcron 3.0.0 might allow local users to gain privileges via a long command-line argument, which causes Linux glibc to report heap memory corruption, possibly because a strcpy in the strdup2 function can "overwrite some data."

Exploits (1)

exploitdb WRITEUP VERIFIED

by Adam Zabrocki · textdosmultiple

https://www.exploit-db.com/exploits/27159

View Code ZIP pw:eip

The provided text describes a retired local buffer-overflow vulnerability in Fcron 3.0, which was initially believed to allow arbitrary code execution with superuser privileges. However, further analysis determined it was not exploitable for code execution.

Classification

Writeup 90%

Attack Type

Other

Complexity

Theoretical

Reliability

Theoretical

Target: Fcron 3.0

Auth required

Prerequisites: local access to the system · Fcron installed with setuid-superuser privileges

devstral-2 · analyzed Feb 16, 2026 Full analysis →