CVE-2012-6110 Information

Description

bcron-exec in bcron before 0.10 does not close file descriptors associated with temporary files when running a cron job which allows local users to modify job files and send spam messages by accessing an open file descriptor.

Reference

http://seclists.org/oss-sec/2013/q1/102 http://untroubled.org/bcron/NEWS https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=686650 https://exchange.xforce.ibmcloud.com/vulnerabilities/81383