Bugtraq mailing list archives

Re: vixie cron

From: roberto () blaise ibp fr (Ollivier ROBERT)
Date: Wed, 3 Aug 1994 10:18:03 +0200 (MET DST)

i have recently heard that vixie cron, pre version 3.0??, has several holes in t.   can anyone confirm this?  what is 
the recommended upgrade path?  replace
with version 3.0 or is there a newer more secure version yet?


The last one is 3.0 PL 1. I do not have that much information about the
holes themselves but I guess that they would enable anyone to open 
privileged files and such.

Most versions of Linux and both FreeBSD and NetBSD have 3.0p1. It has been
posted in comp.sources.misc if I remember well.

-- 
Ollivier ROBERT                                           roberto () hsc fr net
Hervé Schauer Consultants                Ollivier.Robert () keltia frmug fr net
PERL / MIME / PGP 2.6ui         FreeBSD keltia 1.1.5(RELEASE) RELEASE#0 i386

Current thread:

Re: -froot??? (AIX rlogin bug) Bill Heiser (Aug 01)
- Re: -froot??? (AIX rlogin bug) irvdwijk () cs vu nl (Aug 01)
- SunOs bug G.J.W. Hagenaars (Aug 02)
- The things you can find with Mosaic Daniel R Ehrlich (Aug 02)
- vixie cron Jonathan M. Bresler (Aug 02)
  - Re: vixie cron Ollivier ROBERT (Aug 03)
- <Possible follow-ups>
- Re: -froot??? (AIX rlogin bug) DFRussell (Aug 01)
- Re: -froot??? (AIX rlogin bug) Derik Jarne x353-2490 (Aug 01)