VULHUB ™

Bsmunconv is prone to overwriting root's crontab file. It is conjectured that this issue is due to a failure of the utility to ensure that the '/tmp/root' directory doesn't exist prior to execution. This vulnerability allows local attackers to overwrite root's crontab file. It is not known at this time if attackers can control the contents of the new crontab file. This vulnerability may allow attackers to execute arbitrary script commands with superuser privileges. Sun describes this issue as: "4383308 bsmunconv over writes root's cron tab if cu has created dir called /tmp/root"

Bsmunconv is prone to overwriting root's crontab file. It is conjectured that this issue is due to a failure of the utility to ensure that the '/tmp/root' directory doesn't exist prior to execution. This vulnerability allows local attackers to overwrite root's crontab file. It is not known at this time if attackers can control the contents of the new crontab file. This vulnerability may allow attackers to execute arbitrary script commands with superuser privileges. Sun describes this issue as: "4383308 bsmunconv over writes root's cron tab if cu has created dir called /tmp/root"