Bugtraq: Re: Root shell vixie cron exploit

Nmap Security Scanner

Intro

Ref Guide

Install Guide

Download

Changelog

Book

Docs
Security Lists

Bugtraq

Basics

More
Security Tools

More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

Bugtraq mailing list archives

Re: Root shell vixie cron exploit

From: raymond () THRIJSWIJK NL (Raymond Dijkxhoorn)
Date: Tue, 7 Sep 1999 12:04:57 +0200

Hi!

  I had assumed that the whole problem with the vixie-cron exploit was
that cron allowed users to invoke sendmail with arbitrary command-line
options *as root*, so dropping SUID status doesn't do any good.
Sendmail doesn't try to protect the root user from themselves.


I tried it on several RedHat 4.x 5.x and 6.x boxes and when they ARE
running sendmail, a lot alsos did qmail, it worked just fine...

Bye,
Raymond.

By Date By Thread

Current thread:

Root shell vixie cron exploit Michal Zalewski (Jul 05)
- Re: Root shell vixie cron exploit Seva Gluschenko (Sep 01)
  - Re: Root shell vixie cron exploit Michal Zalewski (Sep 01)
  - Re: Root shell vixie cron exploit John Kennedy (Sep 03)
    - Re: Root shell vixie cron exploit Peter Wemm (Sep 07)
    - Re: Root shell vixie cron exploit Raymond Dijkxhoorn (Sep 07)
  - Re: Root shell vixie cron exploit Christos Zoulas (Sep 03)
  - [security-officer () FreeBSD ORG: FreeBSD-SA-99:01: BSD File Flags and Programming Techniques] Patrick Oonk (Sep 03)
  - Re: Root shell vixie cron exploit Valentin Nechayev (Sep 04)
  - gftp Oscar Haeger (Sep 05)
    - Re: gftp - ms ftp debug mode Bencsath Boldizsar (Sep 08)