Bugtraq mailing list archives
Re: Vixie Crontab exploit code
From: lcamtuf () IDS PL (Michal Zalewski)
Date: Tue, 6 Jul 1999 18:33:34 +0200
On Thu, 2 Sep 1999, Taeho Oh wrote:
Vixie Crontab exploit code
Seems to me it's quite similar to exploit posted by me to BUGTRAQ before (and available at http://lcamtuf.na.export.pl/pliki/rootcron), except that your exploit makes blind assumption on procmail as default mailer (hmm) and other parts of /etc/sendmail.cf - eg. default user settings... And finally, +s /tmp/sh is not always enough (setuid(getuid()) is quite common)... In fact, can't see anything innovative, but execuse me if I'm wrong ;) _______________________________________________________________________ Michal Zalewski [lcamtuf () ids pl] [link / marchew] [dione.ids.pl SYSADM] [Marchew Industries] ! [http://lcamtuf.na.export.pl] bash$ :(){ :|:&};: [voice phone: +48 22 813 25 86] <=-=> [cellular phone: +48 501 4000 69] Iterowac jest rzecza ludzka, wykonywac rekursywnie - boska [P. Deutsch]
Current thread:
- Re: Vixie Crontab exploit code Michal Zalewski (Jul 06)
- <Possible follow-ups>
- Vixie Crontab exploit code Taeho Oh (Sep 01)
- Re: Vixie Crontab exploit code rjp () BROWSER ORG (Sep 06)