Date: Wed, 9 May 2001 00:04:06 +0200 From: Szilveszter Adam <sziszi@petra.hos.u-szeged.hu> To: security@FreeBSD.ORG Subject: Re: Fwd: Vixie cron vulnerability Message-ID: <20010509000406.C7798@petra.hos.u-szeged.hu> In-Reply-To: <20010508144020.C2823@xor.obsecurity.org>; from kris@obsecurity.org on Tue, May 08, 2001 at 02:40:20PM -0700 References: <20010508201307.A2613@petra.hos.u-szeged.hu> <20010508144020.C2823@xor.obsecurity.org>
next in thread | previous in thread | raw e-mail | index | archive | help
On Tue, May 08, 2001 at 02:40:20PM -0700, Kris Kennaway wrote: > On Tue, May 08, 2001 at 08:13:07PM +0200, Szilveszter Adam wrote: > > Hello, > > > > I hate to disturb, but... > > > > I cannot reproduce this, but... are we affected? This looks like rather > > new... > > I checked this when I first heard about it and we don't seem to be. I > don't even know where that version came from, it might be a > linux-originated thing. > > Kris Well the version is surely Debian: p1 stands for patchlevel 1, I guess. The crontab on one of our Linux boxen was already updated and it produced exactly the same result as the one on -CURRENT: a shell wrapper suid me:-) Cool. Maybe you (kris) should inform BUGTRAQ that we are (as usual) exempt from the excitement that running vulnerable systems entails... On a semi-related note: I found no good way of finding out what version of cron we have. Last time when there was an exploit I had to check ident(1) lines IIRC. Does any of you know of a better way? -- Regards: Szilveszter ADAM Szeged University Szeged Hungary To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20010509000406.C7798>