Considering what overflows the buffer (your username), it would seem that
you'd need root access to begin with in order to craft an exploit. Am I
wrong?

Of course, maybe this could be some exotic new addition to a rootkit.

> -----Original Message-----
> From: Bugtraq List [mailto:[EMAIL PROTECTED]]On Behalf Of
> Flatline
> Sent: Saturday, February 10, 2001 3:38 PM
> To: [EMAIL PROTECTED]
> Subject: vixie cron possible local root compromise
>
>
> - Introduction:
>
> Paul Vixie's crontab version 3.0.1-56 contains another buffer overflow
> vulnerability.
> I'm not sure whether it's exploitable or not, it needs to be
> fixed however.
>
>

Reply via email to