Considering what overflows the buffer (your username), it would seem that you'd need root access to begin with in order to craft an exploit. Am I wrong? Of course, maybe this could be some exotic new addition to a rootkit. > -----Original Message----- > From: Bugtraq List [mailto:[EMAIL PROTECTED]]On Behalf Of > Flatline > Sent: Saturday, February 10, 2001 3:38 PM > To: [EMAIL PROTECTED] > Subject: vixie cron possible local root compromise > > > - Introduction: > > Paul Vixie's crontab version 3.0.1-56 contains another buffer overflow > vulnerability. > I'm not sure whether it's exploitable or not, it needs to be > fixed however. > >
- vixie cron possible local root compromise Flatline
- Re: vixie cron possible local root comp... Peter van Dijk
- Re: vixie cron possible local root comp... Blake R. Swopes
- Re: vixie cron possible local root ... Robert Varga
- Re: vixie cron possible local r... Arthur Clune
- Re: vixie cron possible loc... Peter W
- Re: vixie cron possibl... Flavio Veloso
- Re: vixie cron possible local r... Mate Wierdl
- Re: vixie cron possible local root comp... Valentin Nechayev
- Re: vixie cron possible local root comp... gabriel rosenkoetter
- Re: vixie cron possible local root ... Rodrigo Barbosa (aka morcego)
- (CORRECTION) Re: vixie cron pos... Rodrigo Barbosa (aka morcego)
- Re: vixie cron possible local r... Valdis Kletnieks
