Vulnerability Development mailing list archives

Re: nonsuid overflows... still at risk?

From: KF <dotslash () snosoft com>
Date: Wed, 06 Jun 2001 07:35:35 -0400

exactly what I was thinking... crontab -e calls vi to open the users
crontab...
this is why I was wondering if it could be exploited due to the fact
that crontab is suid. 
-KF 

Michal Zalewski wrote:


On Tue, 5 Jun 2001, KF wrote:

# crontab -e
note there was no message about it but there is a new core file.
# ls core
core

input anyone?


# file core

I bet it is $EDITOR that crashed, crontab itself is not using $TERM for
any purposes, IIRC... Try screen.

--
_____________________________________________________
Michal Zalewski [lcamtuf () bos bindview com] [security]
[http://lcamtuf.coredump.cx] <=-=> bash$ :(){ :|:&};:
=-=> Did you know that clones never use mirrors? <=-=

Current thread:

Re: TCSH problems?, (continued)
- - - Re: TCSH problems? Sven van ´t Veer (Jun 06)
  - Re: TCSH problems? Edsel Adap (Jun 06)
  - Re: TCSH problems? Felix Kronlage (Jun 06)
    - Re: TCSH problems? Andreas Forsgren (Jun 06)
  - Re: TCSH problems? Branko Ivanovic (Jun 06)
  - Re: TCSH problems? Lee Smith (Jun 06)
    - Re: TCSH problems? sean (Jun 07)
  - Re: TCSH problems? poke (Jun 07)
- Re: nonsuid overflows... still at risk? Andrew R. Reiter (Jun 06)
- Re: nonsuid overflows... still at risk? Michal Zalewski (Jun 06)
  - Re: nonsuid overflows... still at risk? KF (Jun 06)
    - Re: nonsuid overflows... still at risk? Michal Zalewski (Jun 06)
    - Re: nonsuid overflows... still at risk? KF (Jun 06)
    - crontab and sgid (was: nonsuid overflows... still at risk?) Tomasz Grabowski (Jun 07)
    - Re: crontab and sgid (was: nonsuid overflows... still at risk?) Olaf Kirch (Jun 08)
    - Re: crontab and sgid (was: nonsuid overflows... still at risk?) Rafal Wojtczuk (Jun 09)
- Re: nonsuid overflows... still at risk? Bela Lubkin (Jun 07)