bcron-exec in bcron before 0.10 does not close file descriptors associated with temporary files when running a cron job, which allows local users to modify job files and send spam messages by accessing an open file descriptor.
CVSS 2.0
Severity: LOW
Problem Type: CWE-264,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| bcron_project | bcron_exec | 0.07 |
| bcron_project | bcron_exec | 0.06 |
| bcron_project | bcron_exec | * |
| bcron_project | bcron_exec | 0.04 |
| bcron_project | bcron_exec | 0.08 |
| bcron_project | bcron_exec | 0.05 |