Bugtraq mailing list archives
Re: vixie cron possible local root compromise
From: "Blake R. Swopes" <bhodi () BIGFOOT COM>
Date: Mon, 12 Feb 2001 15:46:20 -0800
Considering what overflows the buffer (your username), it would seem that you'd need root access to begin with in order to craft an exploit. Am I wrong? Of course, maybe this could be some exotic new addition to a rootkit.
-----Original Message----- From: Bugtraq List [mailto:BUGTRAQ () SECURITYFOCUS COM]On Behalf Of Flatline Sent: Saturday, February 10, 2001 3:38 PM To: BUGTRAQ () SECURITYFOCUS COM Subject: vixie cron possible local root compromise - Introduction: Paul Vixie's crontab version 3.0.1-56 contains another buffer overflow vulnerability. I'm not sure whether it's exploitable or not, it needs to be fixed however.
Current thread:
- vixie cron possible local root compromise Flatline (Feb 12)
- Re: vixie cron possible local root compromise Blake R. Swopes (Feb 12)
- Re: vixie cron possible local root compromise Robert Varga (Feb 14)
- Re: vixie cron possible local root compromise Arthur Clune (Feb 15)
- Re: vixie cron possible local root compromise Peter W (Feb 15)
- Re: vixie cron possible local root compromise Flavio Veloso (Feb 16)
- Re: vixie cron possible local root compromise Robert Varga (Feb 14)
- Re: vixie cron possible local root compromise Mate Wierdl (Feb 15)
- Re: vixie cron possible local root compromise Blake R. Swopes (Feb 12)
- Re: vixie cron possible local root compromise Rodrigo Barbosa (aka morcego) (Feb 13)
- (CORRECTION) Re: vixie cron possible local root compromise Rodrigo Barbosa (aka morcego) (Feb 14)