Public exploit available
Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-1999-0768 โ€” Improper Restriction of Operations within the Bounds of a Memory Buffer in Redhat Linux

5 documents4 sources
Severity
7.5HIGHNVD
EPSS
6.3%
top 9.05%
CISA KEV
Not in KEV
Exploit
PoC available
Public exploit / PoC exists
Affected products
2
Redhat LinuxSuse Linux
Timeline
PublishedAug 25
Latest updateApr 30

Description

Buffer overflow in Vixie Cron on Red Hat systems via the MAILTO environmental variable.

CVSS vector

AV:N/AC:L/C:P/I:P/A:PExploitability: 10.0 | Impact: 6.4

Affected Packages2 packages

โ–ถNVDredhat/linux4.2, 5.2, 6.0+2
โ–ถNVDsuse/suse_linux6.0, 6.1+1

๐Ÿ”ดVulnerability Details

2
GHSA
GHSA-q395-vm9c-r75g: Buffer overflow in Vixie Cron on Red Hat systems via the MAILTO environmental variableโ†—2022-04-30
โ–ถ
CVEList
CVE-1999-0768: Buffer overflow in Vixie Cron on Red Hat systems via the MAILTO environmental variableโ†—2000-01-18
โ–ถ

๐Ÿ’ฅExploits & PoCs

2
Exploit-DB
RedHat Linux 4.2/5.2/6.0 / S.u.S.E Linux 6.0/6.1 - Cron Buffer Overflow (1)โ†—1999-08-30
โ–ถ
Exploit-DB
RedHat Linux 4.2/5.2/6.0 / S.u.S.E Linux 6.0/6.1 - Cron Buffer Overflow (2)โ†—1999-08-25
โ–ถ
CVE-1999-0768 โ€” Redhat Linux vulnerability | cvebase