CVSS2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:L/AC:L/Au:N/C:N/I:P/A:N
AI Score
Confidence
Low
EPSS
Percentile
5.1%
bcron-exec in bcron before 0.10 does not close file descriptors associated with temporary files when running a cron job, which allows local users to modify job files and send spam messages by accessing an open file descriptor.
Vendor | Product | Version | CPE |
---|---|---|---|
bcron_project | bcron_exec | * | cpe:2.3:a:bcron_project:bcron_exec:*:*:*:*:*:*:*:* |
bcron_project | bcron_exec | 0.04 | cpe:2.3:a:bcron_project:bcron_exec:0.04:*:*:*:*:*:*:* |
bcron_project | bcron_exec | 0.05 | cpe:2.3:a:bcron_project:bcron_exec:0.05:*:*:*:*:*:*:* |
bcron_project | bcron_exec | 0.06 | cpe:2.3:a:bcron_project:bcron_exec:0.06:*:*:*:*:*:*:* |
bcron_project | bcron_exec | 0.07 | cpe:2.3:a:bcron_project:bcron_exec:0.07:*:*:*:*:*:*:* |
bcron_project | bcron_exec | 0.08 | cpe:2.3:a:bcron_project:bcron_exec:0.08:*:*:*:*:*:*:* |