CVE-2012-6110

NameCVE-2012-6110
Descriptionbcron-exec in bcron before 0.10 does not close file descriptors associated with temporary files when running a cron job, which allows local users to modify job files and send spam messages by accessing an open file descriptor.
SourceCVE (at NVD; CERT, LWN, oss-sec, fulldisc, bugtraq, EDB, Metasploit, Red Hat, Ubuntu, Gentoo, SUSE bugzilla/CVE, Mageia, GitHub code/issues, web search, more)
NVD severitylow (attack range: local)
Debian Bugs686650

Vulnerable and fixed packages

The table below lists information on source packages.

Source PackageReleaseVersionStatus
bcron (PTS)jessie0.10-3fixed
bullseye, sid, buster0.11-8fixed

The information below is based on the following data on fixed versions.

PackageTypeReleaseFixed VersionUrgencyOriginDebian Bugs
bcronsource(unstable)0.09-13low686650
bcronsourcesqueeze0.09-11+squeeze1low

Search for package or bug name: Reporting problems