[11656] in bugtraq
Re: Debian not vulnerable to recent cron buffer overflow
daemon@ATHENA.MIT.EDU (Peter Wemm)
Thu Sep 2 18:23:31 1999
Message-Id: <19990901072552.6E4EC1CA7@overcee.netplex.com.au>
Date: Wed, 1 Sep 1999 15:25:52 +0800
Reply-To: Peter Wemm <peter@NETPLEX.COM.AU>
From: Peter Wemm <peter@NETPLEX.COM.AU>
X-To: Marc Merlin <marc_news@MERLINS.ORG>
To: BUGTRAQ@SECURITYFOCUS.COM
In-Reply-To: Your message of "Sat, 28 Aug 1999 22:43:03 MST."
<19990828224303.D15627@merlins.org>
Marc Merlin wrote:
[..]
> >
> > Red Hat has recently released a Security Advisory (RHSA-1999:030-01)
> > covering a buffer overflow in the vixie cron package. Debian has
> > discovered this bug two years ago and fixed it. Therefore versions in
> > both, the stable and the unstable, distributions of Debian are not
> > vulnerable to this problem..
>
> Does anyone know if Debian never sent the fix to Paul Vixie, or if it was
> sent and Paul "missed it"?
I'm not sure what or how it happened, but in FreeBSD at least this problem
was solved differently, and quite some time ago. FreeBSD's cron doesn't
supply the arguments to sendmail, it uses sendmail -t and prints the
recipient name in the To: header, letting sendmail decide if it's a valid
recipient address or not.
revision 1.3
date: 1995/04/14 21:54:16; author: ache; state: Exp; lines: +3 -2
Fix MAILTO hole by passing -t to sendmail
Submitted by: Mike Pritchard <pritc003@maroon.tc.umn.edu>
Cheers,
-Peter
--
Peter Wemm - peter@FreeBSD.org; peter@yahoo-inc.com; peter@netplex.com.au
