[20633] in bugtraq
Re: Vixie cron vulnerability
daemon@ATHENA.MIT.EDU (Wichert Akkerman)
Tue May 15 14:32:18 2001
Date: Tue, 15 May 2001 14:44:25 +0200
From: Wichert Akkerman <wichert@cistron.nl>
To: BUGTRAQ@securityfocus.com
Message-ID: <20010515144424.B9044@cistron.nl>
Mail-Followup-To: BUGTRAQ@securityfocus.com
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <20010508150751.A3900@xor.obsecurity.org>; from kris@obsecurity.org on Tue, May 08, 2001 at 03:07:52PM -0700
Previously Kris Kennaway wrote:
> I think this is a Linux-specific "enhancement" to vixie cron; nothing
> remotely similar to the affected code seems to be in the FreeBSD
> version, and I thought we were using the most recent vendor version.
As the Debian advisory mentioned, this was the result of a bug in an
earlier security fix we made. As such only those who also used that
other patch are vulnerable.
Wichert.
--
_________________________________________________________________
/ Nothing is fool-proof to a sufficiently talented fool \
| wichert@cistron.nl http://www.liacs.nl/~wichert/ |
| 1024D/2FA3BC2D 576E 100B 518D 2F16 36B0 2805 3CB8 9250 2FA3 BC2D |
