Buffer overflow in Vixie cron allows local users to gain root access via a long MAILTO environment variable in a crontab file.
1999-08-25T04:00:00.000
2025-04-03T01:03:51.193
Deferred
CVSSv2: 7.2 (HIGH)
AV:L/AC:L/Au:N/C:C/I:C/A:C
3.9
10.0
| Type | Vendor | Product | Version/Range | Vulnerable? |
|---|---|---|---|---|
| Application | paul_vixie | vixie_cron | 3.0_pl1 | Yes |
| Operating System | caldera | openlinux | 2.2 | Yes |
| Operating System | debian | debian_linux | 2.1 | Yes |
| Operating System | debian | debian_linux | 2.2 | Yes |
| Operating System | redhat | linux | 4.0 | Yes |
| Operating System | redhat | linux | 4.1 | Yes |
| Operating System | redhat | linux | 4.2 | Yes |
| Operating System | redhat | linux | 5.0 | Yes |
| Operating System | redhat | linux | 5.1 | Yes |
| Operating System | redhat | linux | 5.2 | Yes |
| Operating System | redhat | linux | 6.0 | Yes |