January 16, 2002

Security update to at

Author: JT Smith

Posted at LWN.net: "The 'at' command reads commands from standard input for execution at a
later time specified on the command line. If such an execution time is
given in a carefully drafted (but wrong) format, the at command may
crash as a result of a surplus call to free(). The cause of the crash
is a heap corruption that is exploitable under certain circumstances
since the /usr/bin/at command is installed setuid root.

A temporary workaround against the bug is to disable the at command for
non-root users by removing the setuid-bit from the /usr/bin/at command."

Category:

  • Linux
Click Here!