File Descriptor Leakage in bcron Allows Unauthorized Modification of Job Files and Spam Message Sending

File Descriptor Leakage in bcron Allows Unauthorized Modification of Job Files and Spam Message Sending

CVE-2012-6110 · LOW Severity

AV:L/AC:L/AU:N/C:N/I:P/A:N

bcron-exec in bcron before 0.10 does not close file descriptors associated with temporary files when running a cron job, which allows local users to modify job files and send spam messages by accessing an open file descriptor.

Learn more about our User Device Pen Test.