Description
fcrontab in fcron before 3.0.5 allows local users to read arbitrary files via a symlink attack on an unspecified file.
References (11)
Core 11
Core References
Third Party Advisory vdb-entry
x_refsource_vupen
http://www.vupen.com/english/advisories/2010/0730
Third Party Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/39195
Mailing List, Third Party Advisory vendor-advisory
x_refsource_fedora
http://lists.fedoraproject.org/pipermail/package-announce/2010-March/038150.html
Third Party Advisory, VDB Entry mailing-list
x_refsource_bugtraq
http://www.securityfocus.com/archive/1/509873/100/0/threaded
Third Party Advisory, VDB Entry vdb-entry
x_refsource_sectrack
http://securitytracker.com/id?1023677
Third Party Advisory, VDB Entry vdb-entry
x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/56680
Third Party Advisory, VDB Entry vdb-entry
x_refsource_osvdb
http://www.osvdb.org/62718
Patch x_refsource_confirm
http://fcron.free.fr/
Mailing List mailing-list
x_refsource_fulldisc
http://seclists.org/fulldisclosure/2010/Mar/97
Vendor Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/38796
Patch vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/38531
Scores
EPSS
0.0035
EPSS Percentile
26.8%
Details
CWE
CWE-59
Status
published
Products (33)
thibault_godouet/fcron
0.8.0
thibault_godouet/fcron
0.8.1
thibault_godouet/fcron
0.8.2
thibault_godouet/fcron
0.9.0
thibault_godouet/fcron
0.9.1
thibault_godouet/fcron
0.9.2.1
thibault_godouet/fcron
0.9.3
thibault_godouet/fcron
0.9.4
thibault_godouet/fcron
0.9.5
thibault_godouet/fcron
1.0.0
... and 23 more
Published
Mar 05, 2010
Tracked Since
Feb 18, 2026