mail in OpenBSD 2.9 and 3.0 processes a tilde (~) escape character in a message even when it is not in interactive mode, which could allow local users to gain root privileges via calls to mail in cron.
Score: 1.8
Priority: P4 - Informational (Low)
Score: 0.00357
Percentile:
0.57255
CVSS v2 Score: 7.2
Severity: