Unrated severityNVD Advisory· Published Mar 1, 2005· Updated Apr 16, 2026

CVE-2004-1031

Description

fcronsighup in Fcron 2.0.1, 2.9.4, and possibly earlier versions allows local users to bypass access restrictions and load an arbitrary configuration file by starting an suid process and pointing the fcronsighup configuration file to a /proc entry that is owned by root but modifiable by the user, such as /proc/self/cmdline or /proc/self/environ.

Affected products

Thibault Godouet/Fcron2 versions
cpe:2.3:a:thibault_godouet:fcron:2.0.1:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:thibault_godouet:fcron:2.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:thibault_godouet:fcron:2.9.4:*:*:*:*:*:*:*
Gentoo/Linux
cpe:2.3:o:gentoo:linux:*:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

www.securityfocus.com/bid/11684nvdPatchVendor Advisory
security.gentoo.org/glsa/glsa-200411-27.xmlnvd
www.idefense.com/application/poi/displaynvd
exchange.xforce.ibmcloud.com/vulnerabilities/18076nvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000