CVE-2009-3589

Name of the Vulnerable Software and Affected Versions incron version 0.5.5

Description The issue is related to the initialization of supplementary groups when running a process from a user's incrontabs. This causes the process to be run with the incrond supplementary groups, allowing local users to gain privileges via an incrontab table.

Recommendations For incron version 0.5.5, update to a newer version that initializes supplementary groups correctly when running processes from user incrontabs.