From owner-freebsd-security  Mon Dec 16 05:27:59 1996
Return-Path: <owner-security>
Received: (from root@localhost)
          by freefall.freebsd.org (8.8.4/8.8.4) id FAA29059
          for security-outgoing; Mon, 16 Dec 1996 05:27:59 -0800 (PST)
Received: from eel.dataplex.net (eel.dataplex.net [208.2.87.2])
          by freefall.freebsd.org (8.8.4/8.8.4) with ESMTP id FAA29053
          for <security@FreeBSD.ORG>; Mon, 16 Dec 1996 05:27:57 -0800 (PST)
Received: from [208.2.87.4] (cod [208.2.87.4])
          by eel.dataplex.net (8.7.5/8.7.3) with ESMTP id HAA23931;
          Mon, 16 Dec 1996 07:28:02 -0600 (CST)
X-Sender: rkw@mail.dataplex.net
Message-Id: <l03010d02aedafca2ae0c@[208.2.87.4]>
In-Reply-To: <Pine.FBSD.3.95.961216130323.14404A-100000@xkis.kis.ru>
Mime-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Date: Mon, 16 Dec 1996 07:27:15 -0600
To: Dmitry Valdov <dv@kis.ru>
From: Richard Wackerbarth <rkw@dataplex.net>
Subject: Re: crontab security hole exploit
Cc: security@FreeBSD.ORG
Sender: owner-security@FreeBSD.ORG
X-Loop: FreeBSD.org
Precedence: bulk

>Hello!
>
>Exploit for buffer overflow in crontab.
>
>
>/* ---------------------------- CUT HERE
>----------------------------------- */

Please do not post exploit details to the list. The details can be sent
privately to security-officer@FreeBSD.ORG.
Observations that they exist, preferably with impact statements (eg. user
can gain root access) and proposed fixes are appropriate for public notice.