fcron (2.9.4-3.1ubuntu0.1) warty-security; urgency=low
* SECURITY UPDATE: Multiple Security Vulnerabilities in Fcron
* Applied modifications of the last version of the software (2.9.5.1)
* Vulnerability description:
- File contents disclosure: it's possible to read any file of the
system
- Configuration bypass vulnerability: it's possible to bypass access restrictions
- File Removal and Empty File Creation Vulnerability: it's possible to
remove any file on the system and to create empty files
- Information Disclosure Vulnerability: it's possible to view the content
of fcron.allow and fcron.deny
* References:
- http://www.idefense.com/application/poi/display?id=157&type=vulnerabilities&flashstatus=true
- http://www.securityfocus.com/bid/11684
- CAN-2004-1030, CAN-2004-1031, CAN-2004-1032, CAN-2004-1033
-- Gerardo Di Giacomo <email address hidden> Mon, 22 Nov 2004 13:12:21 +0000