CVE-1999-0872

CVSS 2.0 Score 7.2 of 10 (high)

Details

Published Aug 25, 1999

Updated: Nov 20, 2024

Summary

CVE-1999-0872 is a significant vulnerability affecting the Vixie cron daemon. A buffer overflow flaw in the program's handling of MAILTO environment variables in crontab files allows local users to execute arbitrary code with root privileges. By crafting a long MAILTO variable, an attacker can manipulate the cron daemon, potentially leading to unauthorized root access. This vulnerability underscores the importance of keeping system configurations secure and up-to-date to mitigate potential threats.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Red Hat Enterprise Linux
Debian

Affected Vendors

Debian
Red Hat

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/LMiWI9
https://www.cve.org/CVERecord?id=CVE-1999-0872
https://nvd.nist.gov/vuln/detail/CVE-1999-0872

Back to Vulnerability Database