Bugtraq mailing list archives
Re: Root shell vixie cron exploit
From: raymond () THRIJSWIJK NL (Raymond Dijkxhoorn)
Date: Tue, 7 Sep 1999 12:04:57 +0200
Hi!
I had assumed that the whole problem with the vixie-cron exploit was that cron allowed users to invoke sendmail with arbitrary command-line options *as root*, so dropping SUID status doesn't do any good. Sendmail doesn't try to protect the root user from themselves.
I tried it on several RedHat 4.x 5.x and 6.x boxes and when they ARE running sendmail, a lot alsos did qmail, it worked just fine... Bye, Raymond.
Current thread:
- Root shell vixie cron exploit Michal Zalewski (Jul 05)
- Re: Root shell vixie cron exploit Seva Gluschenko (Sep 01)
- Re: Root shell vixie cron exploit Michal Zalewski (Sep 01)
- Re: Root shell vixie cron exploit John Kennedy (Sep 03)
- Re: Root shell vixie cron exploit Peter Wemm (Sep 07)
- Re: Root shell vixie cron exploit Raymond Dijkxhoorn (Sep 07)
- Re: Root shell vixie cron exploit Christos Zoulas (Sep 03)
- [security-officer () FreeBSD ORG: FreeBSD-SA-99:01: BSD File Flags and Programming Techniques] Patrick Oonk (Sep 03)
- Re: Root shell vixie cron exploit Valentin Nechayev (Sep 04)
- gftp Oscar Haeger (Sep 05)
- Re: gftp - ms ftp debug mode Bencsath Boldizsar (Sep 08)
- fixing all buffer overflows --- random magin numbers Dr. Joel M. Hoffman (Sep 11)
- Re: fixing all buffer overflows --- random magin numbers Peter van Dijk (Sep 12)
- Re: fixing all buffer overflows --- random magin numbers Eric Hutchinson (Sep 12)
- Re: fixing all buffer overflows --- random magin numbers Daniel W. Dulitz x108 (Sep 13)
- Enterprise Overflow Daniel Kerr (Sep 11)
- Re: Root shell vixie cron exploit Seva Gluschenko (Sep 01)