CVSS2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:L/AC:L/Au:N/C:N/I:P/A:N
EPSS
Percentile
5.1%
bcron-exec in bcron before 0.10 does not close file descriptors associated with temporary files when running a cron job, which allows local users to modify job files and send spam messages by accessing an open file descriptor.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
Debian | 12 | all | bcron | < 0.09-13 | bcron_0.09-13_all.deb |
Debian | 11 | all | bcron | < 0.09-13 | bcron_0.09-13_all.deb |
Debian | 999 | all | bcron | < 0.09-13 | bcron_0.09-13_all.deb |
Debian | 13 | all | bcron | < 0.09-13 | bcron_0.09-13_all.deb |