From owner-freebsd-security  Wed Dec 18 22:11:13 1996
Return-Path: <owner-security>
Received: (from root@localhost)
          by freefall.freebsd.org (8.8.4/8.8.4) id WAA02806
          for security-outgoing; Wed, 18 Dec 1996 22:11:13 -0800 (PST)
Received: from bitbucket.edmweb.com (bitbucket.edmweb.com [204.244.190.9])
          by freefall.freebsd.org (8.8.4/8.8.4) with SMTP id WAA02801
          for <security@freebsd.org>; Wed, 18 Dec 1996 22:11:10 -0800 (PST)
Received: (from steve@localhost) by bitbucket.edmweb.com (8.6.12/8.6.12) id WAA03056; Wed, 18 Dec 1996 22:11:09 -0800
Date: Wed, 18 Dec 1996 22:11:05 -0800 (PST)
From: Steve Reid <steve@edmweb.com>
To: FreeBSD Security List <security@freebsd.org>
Subject: cron [FreeBSD-SA-96:20.stack-overflow]
In-Reply-To: <199612172007.VAA03986@gvr.win.tue.nl>
Message-ID: <Pine.BSF.3.91.961218220740.2563E-100000@bitbucket.edmweb.com>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender: owner-security@freebsd.org
X-Loop: FreeBSD.org
Precedence: bulk

> Topic:		unauthorized access via buffer overruns
> 		cron, crontab, ppp
> Category:	core
> Module:		cron, crontab, ppp

What is the nature of the problem with cron? If a user doesn't have 
access to crontab files, can they somehow cause buffer overflows in the 
running process???