PT-2006-1603 · Gnu+2 · Glibc+2

Published

2006-02-04

Updated

2018-10-19

CVE-2006-0539

CVSS v2.0

4.6

Medium

Vector

AV:L/AC:L/Au:N/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions fcron version 3.0.0

Description The issue is related to the convert-fcrontab program in fcron, where a long command-line argument can cause Linux glibc to report heap memory corruption. This might be due to a strcpy in the strdup2 function overwriting some data, potentially allowing local users to gain privileges.

Recommendations For fcron version 3.0.0, consider restricting access to the convert-fcrontab program until a fix is available, to minimize the risk of exploitation.

Exploit

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2006-0539

Affected Products

Linux

Fcron

Glibc

PT-2006-1603 · Gnu+2 · Glibc+2

CVE-2006-0539

Related Identifiers

Affected Products

References · 12