Bugtraq mailing list archives
Re: CERT Advisory CA-97.18 - Vulnerability in the at(1) program
From: ig25 () MVMAP66 CIW UNI-KARLSRUHE DE (Thomas Koenig)
Date: Sat, 14 Jun 1997 19:44:58 +0200
The Nolander wrote:
Uhm.. Atleast I have known of this at vulnerability for a while... Even though it still exists on atleast my Linux box I can't say it's easy exploitable.. (at complains about garbled time when trying with some "not nice" stuff)..
Where, exactly? The CERT advisory was talking about commercial systems. The Linux implementation of at(1) is entirely written from scratch. There was a "obtain root" hole in earlier versions of at (somewhere pre 2.7, and not caused by a buffer overrun), plus an off-by-one error some time ago. All of these are believed fixed in 2.9b, the current public version of at. BTW, "garbled time" is an indication that at could not parse the date it was handed. -- Thomas Koenig, Thomas.Koenig () ciw uni-karlsruhe de, ig25@dkauni2.bitnet. The joy of engineering is to find a straight line on a double logarithmic diagram.
Current thread:
- wu-ftpd 2.4.2-beta-13 default UMASK hole Roy M. Hooper (Jun 11)
- wu-ftpd 2.4.2-beta-13 default UMASK hole Steve VanDevender (Jun 11)
- Re: wu-ftpd 2.4.2-beta-13 default UMASK hole George Staikos (Jun 11)
- Denial of service (qmail-smtpd) Frank DENIS -Jedi/Sector One- (Jun 11)
- qmail-dos-2.c, another denial of service attack Frank DENIS -Jedi/Sector One- (Jun 11)
- DNS abuse Jordi Murgo (Jun 11)
- Solaris x86 buffer overflows jim bresler (Jun 12)
- CERT Advisory CA-97.18 - Vulnerability in the at(1) program Aleph One (Jun 12)
- Re: CERT Advisory CA-97.18 - Vulnerability in the at(1) program Rick Byers (Jun 12)
- Re: CERT Advisory CA-97.18 - Vulnerability in the at(1) program The Nolander (Jun 12)
- Re: CERT Advisory CA-97.18 - Vulnerability in the at(1) program Thomas Koenig (Jun 14)
- Re: CERT Advisory CA-97.18 - Vulnerability in the at(1) program Adam Morrison (Jun 15)
- Netscape Exploit root (Jun 14)
- Bug in SGI's /cgi-bin/handler Razvan Dragomirescu (Jun 14)
- Re: Bug in SGI's /cgi-bin/handler Yaron Yanay (Jun 15)
- Re: CERT Advisory CA-97.18 - Vulnerability in the at(1) program Rick Byers (Jun 12)
- sendmail 8.8.6 released Eric Allman (Jun 14)
- Re: Netscape Exploit Roger Espel Llima (Jun 14)
- Re: Netscape Exploit Micah Brandon (Jun 14)
- Re: Netscape Exploit Manoj Kasichainula (Jun 15)
- rshd gives away usernames David Holland (Jun 13)
- Re: rshd gives away usernames Erik Troan (Jun 13)