|
Buffer over-run bugCIAC Security Bulletin H-17 [BROKEN LINK in 2008] 1. Command line buffer overrunDue to insufficient bounds checking on arguments which are supplied by users, it is possible to overwrite the internal stack space of the crontab program while it is executing. By supplying a carefully designed argument to the crontab program, intruders may be able to force crontab to execute arbitrary commands. As crontab is setuid root, this may allow intruders to run arbitrary commands with root privileges. The CIAC site is down. As an alternative, search for "buffer" here: Incident Management |
Web Author: Ian! D. Allen idallen@idallen.ca Updated: 2003-01-19 05:50 Support free and non-commercial Internet. This site works best in Any Browser, a campaign for non-specific WWW. This work is licensed under a Creative Commons License. |