Updated: 2003-01-19 05:50

Buffer over-run bug

CIAC Security Bulletin H-17

1. Command line buffer overrun

Due to insufficient bounds checking on arguments which are supplied by users, it is possible to overwrite the internal stack space of the crontab program while it is executing. By supplying a carefully designed argument to the crontab program, intruders may be able to force crontab to execute arbitrary commands. As crontab is setuid root, this may allow intruders to run arbitrary commands with root privileges.
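The bug class described above, as an added example that is not crontab's source or part of the original bulletin: an argument copied into a fixed stack buffer without a length check, next to a version that rejects oversize input. The function names and the 256-byte buffer size are assumptions made for illustration.

```c
#include <stdio.h>
#include <string.h>

#define NAME_LEN 256   /* assumed buffer size, not crontab's real value */

/* Pattern the bulletin describes: user-controlled text copied into a fixed
 * stack buffer with no bounds check. Input longer than the buffer overwrites
 * adjacent stack memory. Shown for contrast only; never called here. */
void load_file_unchecked(const char *arg)
{
    char filename[NAME_LEN];
    strcpy(filename, arg);              /* no length check */
    (void)filename;
}

/* Hardened form: find the terminator within the destination size first and
 * reject oversize input rather than truncate it (a truncated path could name
 * a different file). Returns 0 on success, -1 on rejection. */
int load_file_checked(const char *arg, char *out, size_t outsz)
{
    const char *end;
    size_t len;

    if (arg == NULL || out == NULL || outsz == 0)
        return -1;
    end = memchr(arg, '\0', outsz);     /* looks at no more than outsz bytes */
    if (end == NULL)                    /* no room for text plus terminator */
        return -1;
    len = (size_t)(end - arg);
    if (len == 0)                       /* empty name is not a valid file */
        return -1;
    memcpy(out, arg, len + 1);          /* copy includes the terminator */
    return 0;
}

int main(int argc, char **argv)
{
    char filename[NAME_LEN];

    if (argc != 2 || load_file_checked(argv[1], filename, sizeof filename) != 0) {
        fprintf(stderr, "usage: %s file (name under %d bytes)\n", argv[0], NAME_LEN);
        return 1;
    }
    printf("would read crontab entries from %s\n", filename);
    return 0;
}
```

In a setuid root program the check has to run before any copy of user-supplied data, since everything on the command line is under the caller's control.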

Web Author: Ian! D. Allen idallen@idallen.ca

This work is licensed under a Creative Commons License.