[19212] in bugtraq
Re: vixie cron possible local root compromise
daemon@ATHENA.MIT.EDU (Robert Varga)
Wed Feb 14 11:32:23 2001
Mail-Followup-To: Robert Varga <nite@hq.alert.sk>, bugtraq@securityfocus.com
Message-ID: <20010214122114.A3479@hq.alert.sk>
Date: Wed, 14 Feb 2001 12:21:14 +0100
Reply-To: Robert Varga <nite@HQ.ALERT.SK>
From: Robert Varga <nite@HQ.ALERT.SK>
To: BUGTRAQ@SECURITYFOCUS.COM
In-Reply-To: <000401c0954e$00babe40$0300000a@TheWell.LAN>; from
bhodi@BIGFOOT.COM on Mon, Feb 12, 2001 at 03:46:20PM -0800
On Mon, Feb 12, 2001 at 03:46:20PM -0800, Blake R. Swopes wrote:
> Considering what overflows the buffer (your username), it would seem that
> you'd need root access to begin with in order to craft an exploit. Am I
> wrong?
Well, this could be used to gain root privileges on free shell-account
servers, which don't do the proper bounds checking and the registration
process is fully automated...
-- 
Kind regards,
Robert Varga
------------------------------------------------------------------------------
n@hq.sk http://hq.sk/~nite/gpgkey.txt