ubuntu · CVE-2004-1031

Quick triage

Priority: medium Published: 2005-03-01 05:00:00 UTC Updated: 2025-07-17 16:34:19 UTC

View at Official ubuntu advisory, NVD, CVE.org · CVE detail

Freshness: upstream tracker timestamp is available; use API updated time as primary recency signal.

Tracker summary

CVE-2004-1031 medium priority: Ubuntu including 1 source packages (fcron), 4 status rows across 4 suites (dapper, edgy, feisty, upstream): released 3, needs-triage 1.

Description:

fcronsighup in Fcron 2.0.1, 2.9.4, and possibly earlier versions allows local users to bypass access restrictions and load an arbitrary configuration file by starting an suid process and pointing the fcronsighup configuration file to a /proc entry that is owned by root but modifiable by the user, such as /proc/self/cmdline or /proc/self/environ.

cvelogic Threat Intelligence