PT-2001-1135 · Crontab · Crontab
Published: 2001-01-09 · Updated: 2018-05-03 · CVE-2000-1096
CVSS v2.0: 3.7 (Low)
Vector: AV:L/AC:H/Au:N/C:P/I:P/A:P
Name of the Vulnerable Software and Affected Versions
crontab (affected versions not specified)
Description
The issue concerns the use of predictable file names for temporary files by crontab, which does not ensure proper ownership of these files by the user executing the crontab -e command. This allows local users with write access to the crontab spool directory to execute arbitrary commands. They can achieve this by creating world-writeable temporary files and modifying them while the victim is editing the file.
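The creation and ownership check that the description says is missing, shown as an added example (not crontab's code and not from this advisory). The helper names and the sample path are hypothetical, and the caller is assumed to already be running with the editing user's uid.

```c
#include <fcntl.h>
#include <sys/stat.h>
#include <sys/types.h>
#include <unistd.h>

/* Hypothetical helper: create the edit file at `path` for `owner`.
 * Returns an open descriptor, or -1 if the file is not exclusively ours. */
int open_private_tmp(const char *path, uid_t owner)
{
    struct stat st;
    /* O_EXCL makes open() fail if the name already exists, including as a
     * symlink, so a file planted under a predictable name is never reused. */
    int fd = open(path, O_RDWR | O_CREAT | O_EXCL, 0600);
    if (fd < 0)
        return -1;
    /* Inspect the object behind the descriptor rather than the path, so a
     * swap of the name after open() cannot change the result. */
    if (fstat(fd, &st) != 0 || !S_ISREG(st.st_mode) ||
        st.st_uid != owner || st.st_nlink != 1 ||
        (st.st_mode & (S_IWGRP | S_IWOTH)) != 0) {
        close(fd);
        return -1;
    }
    return fd;
}

/* Constructed scenario: a world-writable file already sits at the
 * predictable name. Returns 1 if the helper refuses to use it. */
int rejects_precreated(const char *path)
{
    mode_t old = umask(0);
    int planted = open(path, O_WRONLY | O_CREAT, 0666);
    umask(old);
    if (planted < 0)
        return 0;
    close(planted);
    int fd = open_private_tmp(path, geteuid());
    if (fd >= 0)
        close(fd);
    unlink(path);
    return fd < 0;
}

/* Returns 1 if a fresh name yields a private descriptor. */
int accepts_fresh(const char *path)
{
    unlink(path);
    int fd = open_private_tmp(path, geteuid());
    if (fd >= 0)
        close(fd);
    unlink(path);
    return fd >= 0;
}
```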
Recommendations
At the moment, there is no information about a newer version that contains a fix for this vulnerability.
Affected Products
Crontab