CVE DATABASE / CVE-2004-1033
CVE-2004-1033
CVSS 2.1 · LOW
Summary
Fcron 2.0.1, 2.9.4, and possibly earlier versions leak file descriptors of open files, which allows local users to bypass access restrictions and read fcron.allow and fcron.deny via the EDITOR environment variable.
CVSS 2.0 breakdown
| Base score | 2.1 (LOW) |
| Vector | AV:L/AC:L/Au:N/C:P/I:N/A:N |
| Attack vector | LOCAL |
| Attack complexity | LOW |
| Confidentiality | PARTIAL |
| Integrity | NONE |
| Availability | NONE |
Affected products
Thibault_godouet fcronGentoo linux
Check this CVE live
Use our free CVE Lookup tool for the latest NVD record, or browse the full CISA KEV catalog.
References
- http://security.gentoo.org/glsa/glsa-200411-27.xml
- http://www.idefense.com/application/poi/display?id=157&type=vulnerabilities&flashstatus=false
- http://www.securityfocus.com/bid/11684
- https://exchange.xforce.ibmcloud.com/vulnerabilities/18078
Data: NIST NVD. NVD last modified 2026-04-16. Always verify against the vendor advisory before acting.