Vulnerability Details CVE-2006-0575
convert-fcrontab in Fcron 2.9.5 and 3.0.0 allows remote attackers to create or overwrite arbitrary files via ".." sequences and a symlink attack on the temporary file that is used during conversion.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.006
EPSS Ranking 68.3%
CVSS Severity
CVSS v2 Score 5.0
References
- http://marc.info/?l=full-disclosure&m=113890734603201&w=2
- http://secunia.com/advisories/18719
- http://www.osvdb.org/22905
- http://www.securityfocus.com/bid/25693
- http://www.trustix.org/errata/2006/0006
- http://www.vupen.com/english/advisories/2006/0435
- https://exchange.xforce.ibmcloud.com/vulnerabilities/24504
- http://marc.info/?l=full-disclosure&m=113890734603201&w=2
- http://secunia.com/advisories/18719
- http://www.osvdb.org/22905
- http://www.securityfocus.com/bid/25693
- http://www.trustix.org/errata/2006/0006
- http://www.vupen.com/english/advisories/2006/0435
- https://exchange.xforce.ibmcloud.com/vulnerabilities/24504
Products affected by CVE-2006-0575
-
cpe:2.3:a:thibault_godouet:fcron:2.9.5
-
cpe:2.3:a:thibault_godouet:fcron:3.0.0