From owner-freebsd-bugs Sun Jan 2 14:18:26 2000
Delivered-To: freebsd-bugs@freebsd.org
Received: from muschel.global-phun.net (muschel.Global-Phun.net [212.6.148.36])
	by hub.freebsd.org (Postfix) with ESMTP id 71AF514D8B
	for ; Sun, 2 Jan 2000 14:18:23 -0800 (PST)
	(envelope-from op@pahl.net)
Received: from localhost (op@localhost [127.0.0.1])
	by muschel.global-phun.net (8.8.8/8.8.8) with ESMTP id XAA13199;
	Sun, 2 Jan 2000 23:13:55 +0100
Date: Sun, 2 Jan 2000 23:13:55 +0100 (MET)
From: Ole Pahl
X-Sender: op@muschel.global-phun.net
To: Przemyslaw Frasunek
Cc: freebsd-bugs@freebsd.org, bugtraq@securityfocus.com
Subject: RE: Bug in recent versions of Vixie cron
In-Reply-To:
Message-ID:
Organization: PAHL.NET Network Solutions
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender: owner-freebsd-bugs@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org

On Sun, 2 Jan 2000, Przemyslaw Frasunek wrote:

> > This problem seems to be present in current versions of Vixie cron, e.g.
> > those used in operating systems like FreeBSD 3.4-RC as well as certain
> > Linux distributions such as SuSE Linux 6.2.
> FreeBSD is and was NOT vulnerable to this problem.

The person who tried to reproduce this problem on his FreeBSD machine just
confirmed that he could not pass arbitrary commands to Sendmail using the
MAILTO environment variable. However, Sendmail is still executed as root -
that condition can't be exploited due to proper argument checking, though.

For further replies, please make sure to remove BugTraq from the CC list
in order to keep Aleph1 from being bothered - I think any further
discussion on this issue is not relevant for BugTraq.

Regards,
Ole Pahl

--
Ole Pahl                      Hamburg / Germany     Fon: +49 40 7807 2601
PAHL.NET Network Solutions    Mail: info@pahl.net   Fax: +49 40 7807 2602