[11594] in bugtraq


Re: [RHSA-1999:030-01] Buffer overflow in cron daemon

daemon@ATHENA.MIT.EDU (Adam Morrison)
Mon Aug 30 05:50:33 1999

Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
Message-Id:  <37C90E7D.B2445C69@xpert.com>
Date:         Sun, 29 Aug 1999 12:42:05 +0200
Reply-To: Adam Morrison <adam@XPERT.COM>
From: Adam Morrison <adam@XPERT.COM>
X-To:         Bill Nottingham <notting@REDHAT.COM>
To: BUGTRAQ@SECURITYFOCUS.COM

> 7. Problem description:
>
> Also, it was possible to use specially formatted 'MAILTO'
> environment variables to send commands to sendmail.

FWIW, this was fixed in FreeBSD in early 1995 by Andrey Chernov
in response to a similar hole in atrun(8) that I reported.
