Date: Thu, 19 Dec 1996 09:11:36 +0100 (MET) From: Guido.vanRooij@nl.cis.philips.com (Guido van Rooij) To: steve@edmweb.com (Steve Reid) Cc: security@freebsd.org Subject: Re: cron [FreeBSD-SA-96:20.stack-overflow] Message-ID: <199612190811.JAA27696@bsd.lss.cp.philips.com> In-Reply-To: <Pine.BSF.3.91.961218220740.2563E-100000@bitbucket.edmweb.com> from Steve Reid at "Dec 18, 96 10:11:05 pm"
next in thread | previous in thread | raw e-mail | index | archive | help
Steve Reid wrote: > > Topic: unauthorized access via buffer overruns > > cron, crontab, ppp > > Category: core > > Module: cron, crontab, ppp > > What is the nature of the problem with cron? If a user doesn't have > access to crontab files, can they somehow cause buffer overflows in the > running process??? > If a user is allowed to run crontab you are in trouble. See the exploits recently posted on various lists, among which this list and Bugtraq. -Guido
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199612190811.JAA27696>