Mandrake Linux Security Advisory : vixie-cron (MDKSA-2001:022)
Medium Nessus Plugin ID 61896
SynopsisThe remote Mandrake Linux host is missing a security update.
DescriptionA buffer overflow exists in the 'crontab' command if it was called by a user with a username longer than 20 characters. If the system administrator has created usernames of that length, it would be possible for those users to gain elevated privileges.
SolutionUpdate the affected vixie-cron package.