Re: Vulnerability in vixie cron?

From: Clément Lecigne <clemun@xxxxxxxxx>
Date: Tue, 18 Jul 2006 14:32:41 +0200

Hi,

Oliver Fromme wrote:

Hi,

(...)

Any information would be appreciated.

This issue was already discussed few weeks ago on this list.

http://lists.freebsd.org/pipermail/freebsd-hackers/2006-June/016729.html

In default configuration, this issue is not exploitable because a call to setuid(2) could fail only for non-root user. Anyway setuid(2) return value must be always checked and I guess this issue was fixed in HEAD and probably in RELENG_6 ?

Sincerely,
Clem

_______________________________________________
freebsd-security@xxxxxxxxxxx mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-security
To unsubscribe, send any mail to "freebsd-security-unsubscribe@xxxxxxxxxxx"

References:
- Vulnerability in vixie cron?
  - From: Oliver Fromme

Prev by Date: Re: Vulnerability in vixie cron?
Next by Date: Port scan from Apache?
Previous by thread: Re: Vulnerability in vixie cron?
Next by thread: Port scan from Apache?
Index(es):
- Date
- Thread

Relevant Pages

Re: Help - Stalled Swing Migration
... windows event viewer. ... Secure Web Configuration ... I've never had this wizard fail on me before. ... event log that's relevant and I include below the later part of the ceiw ...
(microsoft.public.windows.server.sbs)
Unable to access internet from windows ME client on ICS
... To simplify the description of the configuration, ... Ethernet adapter Local Area Connection 2: ... fail to load any web page when operating on the client machine. ...
(microsoft.public.win2000.new_user)
Unable to access internet from windows ME client on ICS
... To simplify the description of the configuration, ... Ethernet adapter Local Area Connection 2: ... fail to load any web page when operating on the client machine. ...
(microsoft.public.win2000.networking)
Re: Help - Stalled Swing Migration
... Secure Web Configuration ... A reinstall of ISA 2004 launches the CEICW which completes without error at ... I've never had this wizard fail on me before. ... This log follows a failure on the network configuration - I cancelled the ...
(microsoft.public.windows.server.sbs)
Re: Help - Stalled Swing Migration
... CEICW fails after filling in all the forms on the screen where is actually ... Secure Web Configuration ... I've never had this wizard fail on me before. ... This log follows a failure on the network configuration - I cancelled the ...
(microsoft.public.windows.server.sbs)