Bugtraq mailing list archives

Re: Exploit for crontab bug (FreeBSD 2.1.0).

From: deraadt () theos com (Theo de Raadt)
Date: Sat, 14 Dec 1996 16:54:36 -0700


Leshka Zakharoff <leshka () leshka chuvashia su> writes:

/*      This is buffer overflow exploit for crontab bug (FreeBSD 2.1.0).     */
/*           If you have any problems with it, drop me a letter.             */
/*                              Have fun !                                   */


If I'm right, this was fixed in FreeBSD around... hmm, let's see:

    revision 1.5
    date: 1996/08/05 00:31:27;  author: pst;  state: Exp;  lines: +6 -4
    Fix up some more buffer overflow problems.

Which I guess didn't make it into 2.1.  In OpenBSD this was fixed at
the same time:

    revision 1.2
    date: 1996/08/07 06:18:09;  author: deraadt;  state: Exp;  lines: +6 -5
    buf oflow, nice error message; from freebsd

And this fix (along with fixes for other exploitable holes in the same
family of programs, hint hint Leshka) did make it into the OpenBSD 2.0
release.

Current thread:

Exploit for crontab bug (FreeBSD 2.1.0). Leshka Zakharoff (Dec 14)
- Re: Exploit for crontab bug (FreeBSD 2.1.0). Theo de Raadt (Dec 14)
  - Re: Exploit for crontab bug (FreeBSD 2.1.0). Jake Ott (Dec 14)