Bugtraq mailing list archives
Re: vixie cron possible local root compromise
From: Robert Varga <nite () HQ ALERT SK>
Date: Wed, 14 Feb 2001 12:21:14 +0100
On Mon, Feb 12, 2001 at 03:46:20PM -0800, Blake R. Swopes wrote:
Considering what overflows the buffer (your username), it would seem that you'd need root access to begin with in order to craft an exploit. Am I wrong?
Well this could be used to gain root privileges on free shell-account servers, which don't do the proper bounds checking and the registration process is fully automated... -- Kind regards, Robert Varga ------------------------------------------------------------------------------ n () hq sk http://hq.sk/~nite/gpgkey.txt
Attachment:
_bin
Description:
Current thread:
- vixie cron possible local root compromise Flatline (Feb 12)
- Re: vixie cron possible local root compromise Blake R. Swopes (Feb 12)
- Re: vixie cron possible local root compromise Robert Varga (Feb 14)
- Re: vixie cron possible local root compromise Arthur Clune (Feb 15)
- Re: vixie cron possible local root compromise Peter W (Feb 15)
- Re: vixie cron possible local root compromise Flavio Veloso (Feb 16)
- Re: vixie cron possible local root compromise Robert Varga (Feb 14)
- Re: vixie cron possible local root compromise Mate Wierdl (Feb 15)
- Re: vixie cron possible local root compromise Blake R. Swopes (Feb 12)
- Re: vixie cron possible local root compromise Rodrigo Barbosa (aka morcego) (Feb 13)
- (CORRECTION) Re: vixie cron possible local root compromise Rodrigo Barbosa (aka morcego) (Feb 14)
- Re: vixie cron possible local root compromise Valdis Kletnieks (Feb 14)