Unrated severityNVD Advisory· Published Mar 1, 2005· Updated Apr 16, 2026

CVE-2004-1033

Description

Fcron 2.0.1, 2.9.4, and possibly earlier versions leak file descriptors of open files, which allows local users to bypass access restrictions and read fcron.allow and fcron.deny via the EDITOR environment variable.

Affected products

Thibault Godouet/Fcron2 versions
cpe:2.3:a:thibault_godouet:fcron:2.0.1:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:thibault_godouet:fcron:2.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:thibault_godouet:fcron:2.9.4:*:*:*:*:*:*:*
Gentoo/Linux
cpe:2.3:o:gentoo:linux:*:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

www.securityfocus.com/bid/11684nvdPatchVendor Advisory
security.gentoo.org/glsa/glsa-200411-27.xmlnvd
www.idefense.com/application/poi/displaynvd
exchange.xforce.ibmcloud.com/vulnerabilities/18078nvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000