OpenServer crontab Format String Vulnerability

It has been reported that the OpenServer implementation of 'crontab' is vulnerable to a format string error. The condition occurs when crontab issues an error message as a result of an invalid filename argument. The filename argument supplied to crontab is passed directly to a 'printf()' function as the format string argument. This condition may be exploited by local attackers to overwrite memory in the address space of the crontab process.
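
The coding pattern described above, shown beside its corrected form. This is an added example, not OpenServer's crontab source: the function names and the sample filename are assumptions made for illustration. The sample input contains only `%%`, the one directive that is well defined when no further arguments are passed.

```c
#include <stdio.h>
#include <string.h>

/* Hypothetical error reporters; NOT taken from OpenServer's crontab. */

/* Vulnerable pattern: the caller-supplied name IS the format string, so
   every '%' in it is interpreted by the printf family. Compilers flag
   this with -Wformat-security; silenced here so the demo builds. */
#pragma GCC diagnostic push
#pragma GCC diagnostic ignored "-Wformat-security"
int report_bad_file_vuln(char *out, size_t n, const char *name)
{
    return snprintf(out, n, name);
}
#pragma GCC diagnostic pop

/* Corrected pattern: constant format string, the name is only data. */
int report_bad_file_safe(char *out, size_t n, const char *name)
{
    return snprintf(out, n, "%s", name);
}

/* Audit helper: count '%' sequences printf would treat as conversions.
   "%%" is a literal percent sign and is not counted. */
int count_conversions(const char *s)
{
    int count = 0;
    for (; *s; s++) {
        if (*s != '%') continue;
        if (s[1] == '%') { s++; continue; }
        count++;
    }
    return count;
}

int main(void)
{
    const char *name = "jobs%%file";   /* constructed sample filename */
    char a[64], b[64];
    report_bad_file_vuln(a, sizeof a, name);
    report_bad_file_safe(b, sizeof b, name);
    /* The two outputs differ: only the first one parsed the filename. */
    printf("vulnerable: %s\nhardened:   %s\n", a, b);
    return 0;
}
```

A filename that comes back altered from the first function was parsed as a format string rather than copied as data.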


 

Copyright 2010, SecurityFocus