On Thu, 2 Sep 1999, Taeho Oh wrote: > Vixie Crontab exploit code Seems to me it's quite similar to exploit posted by me to BUGTRAQ before (and available at http://lcamtuf.na.export.pl/pliki/rootcron), except that your exploit makes blind assumption on procmail as default mailer (hmm) and other parts of /etc/sendmail.cf - eg. default user settings... And finally, +s /tmp/sh is not always enough (setuid(getuid()) is quite common)... In fact, can't see anything innovative, but execuse me if I'm wrong ;) _______________________________________________________________________ Michal Zalewski [lcamtufat_private] [link / marchew] [dione.ids.pl SYSADM] [Marchew Industries] ! [http://lcamtuf.na.export.pl] bash$ :(){ :|:&};: [voice phone: +48 22 813 25 86] <=-=> [cellular phone: +48 501 4000 69] Iterowac jest rzecza ludzka, wykonywac rekursywnie - boska [P. Deutsch]
This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 15:01:34 PDT