[20574] in bugtraq


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

Re: Vixie cron vulnerability

daemon@ATHENA.MIT.EDU (Edwin Chiu)
Tue May 8 16:46:23 2001

MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
Message-ID:  <3AF83087.B0D2765@e-wares.com>
Date:         Tue, 8 May 2001 13:44:39 -0400
Reply-To: Edwin Chiu <Edwin.Chiu@E-WARES.COM>
From: Edwin Chiu <Edwin.Chiu@E-WARES.COM>
To: BUGTRAQ@SECURITYFOCUS.COM

FYI

The exploit failed for:

Redhat 6.1
    vixie-cron-3.0.1-39

Redhat 6.2
    vixie-cron-3.0.1-40


Regards,
Edwin

Cade Cairns wrote:

> Greetings Bugtraqers,
>
> Attached is a simple proof of concept for the vixie cron vulnerability
> recently published in Debian Security Advisory DSA-054-1. The code was
> written during SIA analysis of this vulnerability.
>
> Further information on the vulnerability may be found in the SecurityFocus
> SIA commercial alert, also attached to this message.
>
> Cade Cairns
> SecurityFocus
> http://www.securityfocus.com/


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

[20574] in bugtraq

Re: Vixie cron vulnerability

daemon@ATHENA.MIT.EDU (Edwin Chiu)Tue May 8 16:46:23 2001

daemon@ATHENA.MIT.EDU (Edwin Chiu)
Tue May 8 16:46:23 2001