From owner-freebsd-security Mon Dec 16 06:56:41 1996 Return-Path: Received: (from root@localhost) by freefall.freebsd.org (8.8.4/8.8.4) id GAA10501 for security-outgoing; Mon, 16 Dec 1996 06:56:41 -0800 (PST) Received: from xinit.se (root@vampire.xinit.se [194.14.168.3]) by freefall.freebsd.org (8.8.4/8.8.4) with ESMTP id GAA10496 for ; Mon, 16 Dec 1996 06:56:38 -0800 (PST) Received: from lich (lich.xinit.se [194.14.168.2]) by xinit.se (8.7.3/8.7.4) with SMTP id PAA13094; Mon, 16 Dec 1996 15:55:54 +0100 (MET) Date: Mon, 16 Dec 1996 15:55:59 +0100 (MET) From: Joakim Rastberg X-Sender: jor@lich To: Richard Wackerbarth cc: Dmitry Valdov , security@FreeBSD.ORG Subject: Re: crontab security hole exploit In-Reply-To: Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-security@FreeBSD.ORG X-Loop: FreeBSD.org Precedence: bulk On Mon, 16 Dec 1996, Richard Wackerbarth wrote: >>Exploit for buffer overflow in crontab. >Please do not post exploit details to the list. The details can be sent >privately to security-officer@FreeBSD.ORG. >Observations that they exist, preferably with impact statements (eg. user >can gain root access) and proposed fixes are appropriate for public notice. Is that official? Or only wishful thinking (ie if noone post them they will go away?). I would rather like the exploits be posted as they can be used to leverage the "management" to pay attention (background: I am working as a contractor to run some unix-boxes and although I whine about the low security *nothing* happens until I can show I get a #, then someone perhaps pulls the plug and pays for a more secure installation. My point beeing is that many companies, at least the ones I work for, IGNORES holes until someone have shown them the exploit) /joakim rastberg, Xinit AB, Sundsvall Sweden.