On Tue, May 08, 2001 at 02:01:21PM -0700, Jay D. Dyson wrote:
> On Tue, 8 May 2001, Edwin Chiu wrote:
>
> > The exploit failed for:
> > Redhat 6.1
> > vixie-cron-3.0.1-39
> > Redhat 6.2
> > vixie-cron-3.0.1-40
>
> *nod* I wrote to Cade directly regarding the advisory as it seems
> to me that the issue is more a matter of Debian's implementation of Vixie
> cron than an issue with Vixie cron itself. I'm still futzing with it to
> see if any other implementations will squeal. Fun and interesting results
> will be posted when found. ;)

I think this is a Linux-specific "enhancement" to vixie cron; nothing
remotely similar to the affected code seems to be in the FreeBSD
version, and I thought we were using the most recent vendor version.

Kris

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.5 (FreeBSD)
Comment: For info see http://www.gnupg.org

iD8DBQE6+G43Wry0BWjoQKURAix9AKCIdP12011eSCfVg23DXrFkDM9sHgCgr/E5
OWunALAn1pHuBNZ+a4P0ojQ=
=rsVR
-----END PGP SIGNATURE-----

• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]