Vulnerabilities > Paul Vixie > Vixie Cron > 3.0.pl1
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2001-01-09 | CVE-2000-1096 | Unspecified vulnerability in Paul Vixie Cron 3.0Pl1 crontab by Paul Vixie uses predictable file names for a temporary file and does not properly ensure that the file is owned by the user executing the crontab -e command, which allows local users with write access to the crontab spool directory to execute arbitrary commands by creating world-writeable temporary files and modifying them while the victim is editing the file. | 3.7 |
1999-08-25 | CVE-1999-0872 | Buffer overflow in Vixie cron allows local users to gain root access via a long MAILTO environment variable in a crontab file. | 7.2 |
1999-08-25 | CVE-1999-0769 | Vixie Cron on Linux systems allows local users to set parameters of sendmail commands via the MAILTO environmental variable. | 7.2 |