> 7. Problem description: > > Also, it was possible to use specially formatted 'MAILTO' > environment variables to send commands to sendmail. FWIW, this was fixed in FreeBSD in early 1995 by Andrey Chernov in response to a similar hole in atrun(8) hole that I reported.
- [RHSA-1999:030-01] Buffer overflow in cron daemon Bill Nottingham
- Re: [RHSA-1999:030-01] Buffer overflow in cron daemon Olaf Kirch
- Re: [RHSA-1999:030-01] Buffer overflow in cron daemon Michal Zalewski
- Re: [RHSA-1999:030-01] Buffer overflow in cron da... Todd C. Miller
- Re: [RHSA-1999:030-01] Buffer overflow in cron da... Todd C. Miller
- Re: [RHSA-1999:030-01] Buffer overflow in cro... Kurt Seifried
- Re: [RHSA-1999:030-01] Buffer overflow in cron daemon Sam Carter
- Adam Morrison