Vulnerabilities > CVE-2006-0539 - Local Buffer Overflow vulnerability in Thibault Godouet Fcron 3.0.0
Attack vector
LOCAL Attack complexity
LOW Privileges required
NONE Confidentiality impact
PARTIAL Integrity impact
PARTIAL Availability impact
PARTIAL Summary
The convert-fcrontab program in fcron 3.0.0 might allow local users to gain privileges via a long command-line argument, which causes Linux glibc to report heap memory corruption, possibly because a strcpy in the strdup2 function can "overwrite some data."
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 1 |
Exploit-Db
description | Fcron 3.0 Convert-FCronTab Local Buffer Overflow Vulnerability. CVE-2006-0539. Dos exploits for multiple platform |
id | EDB-ID:27159 |
last seen | 2016-02-03 |
modified | 2006-02-01 |
published | 2006-02-01 |
reporter | Adam Zabrocki |
source | https://www.exploit-db.com/download/27159/ |
title | Fcron 3.0 - Convert-FCronTab Local Buffer Overflow Vulnerability |
References
- http://archives.neohapsis.com/archives/fulldisclosure/2006-01/0999.html
- http://fcron.free.fr/doc/en/changes.html
- http://fcron.free.fr/news.php#a20060206a.xml
- http://secunia.com/advisories/18719
- http://www.securityfocus.com/archive/1/423697/100/0/threaded
- http://www.securityfocus.com/bid/16467
- http://www.trustix.org/errata/2006/0036
- http://www.vupen.com/english/advisories/2006/0435
- https://bugs.trustix.org/show_bug.cgi?id=1754
- https://exchange.xforce.ibmcloud.com/vulnerabilities/24444