Bugtraq mailing list archives
Re: [RHSA-1999:030-01] Buffer overflow in cron daemon
From: adam () XPERT COM (Adam Morrison)
Date: Sun, 29 Aug 1999 12:42:05 +0200
7. Problem description: Also, it was possible to use specially formatted 'MAILTO' environment variables to send commands to sendmail.
FWIW, this was fixed in FreeBSD in early 1995 by Andrey Chernov in response to a similar hole in atrun(8) hole that I reported.
Current thread:
- [RHSA-1999:030-01] Buffer overflow in cron daemon Bill Nottingham (Aug 25)
- Re: [RHSA-1999:030-01] Buffer overflow in cron daemon Michal Zalewski (Jul 04)
- Re: [RHSA-1999:030-01] Buffer overflow in cron daemon Todd C. Miller (Aug 28)
- Re: [RHSA-1999:030-01] Buffer overflow in cron daemon Kurt Seifried (Aug 29)
- Re: [RHSA-1999:030-01] Buffer overflow in cron daemon Olaf Kirch (Aug 26)
- Re: [RHSA-1999:030-01] Buffer overflow in cron daemon Sam Carter (Aug 27)
- Re: [RHSA-1999:030-01] Buffer overflow in cron daemon Adam Morrison (Aug 29)
- <Possible follow-ups>
- Re: [RHSA-1999:030-01] Buffer overflow in cron daemon Todd C. Miller (Aug 28)
- Re: [RHSA-1999:030-01] Buffer overflow in cron daemon Michal Zalewski (Jul 04)