[11583] in bugtraq
Re: [RHSA-1999:030-01] Buffer overflow in cron daemon
daemon@ATHENA.MIT.EDU (Sam Carter)
Sun Aug 29 22:36:07 1999
Mime-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Message-Id: <Pine.GSO.4.10.9908280122230.21650-100000@forest.owlnet.rice.edu>
Date: Sat, 28 Aug 1999 01:31:59 -0500
Reply-To: Sam Carter <petrov@OWLNET.RICE.EDU>
From: Sam Carter <petrov@OWLNET.RICE.EDU>
X-To: BUGTRAQ@SECURITYFOCUS.COM
To: BUGTRAQ@SECURITYFOCUS.COM
In-Reply-To: <19990825211720.A3016@xenomorph.redhat.com>
On Wed, 25 Aug 1999, Bill Nottingham wrote:
> Intel:
> rpm -Uvh ftp://ftp.redhat.com/redhat/updates/6.0/i386/vixie-cron-3.0.1-37.i386.rpm
This is my architecture for several boxes that I administer. I get a user
anonymous access denied message when I try to login with lynx
or wget, (presumably the same reason why rpm fails to download it). I
tried to access it at:
ftp://updates.redhat.com/6.0/i386/vixie-cron-3.0.1-37.i386.rpm
and found that the actual url is:
ftp://updates.redhat.com/6.0/i386/vixie-cron-3.0.1-38.i386.rpm
s/6.0/your version/;
s/i386/your CPU/g;
presumably a minor change was made after the announcement. I don't know
if the ftp.redhat.com address works under rpm. I don't know why user
anonymous is denied from ftp.redhat.com (or even if that was the reason
why rpm failed to get the file, it's error messages are atrocious).
cheers,
sam
