Considering what overflows the buffer (your username), it would seem that
you'd need root access to begin with in order to craft an exploit. Am I
Of course, maybe this could be some exotic new addition to a rootkit.
> -----Original Message-----
> From: Bugtraq List [mailto:[EMAIL PROTECTED]]On Behalf Of
> Sent: Saturday, February 10, 2001 3:38 PM
> To: [EMAIL PROTECTED]
> Subject: vixie cron possible local root compromise
> - Introduction:
> Paul Vixie's crontab version 3.0.1-56 contains another buffer overflow
> I'm not sure whether it's exploitable or not, it needs to be
> fixed however.