[1025] in linux-security and linux-alert archive

home help back first fref pref prev next nref lref last post

Re: [linux-security] qmail,wu.ftpd,deslogind, in.telnetsnoopd ?

daemon@ATHENA.MIT.EDU (Paul D. Robertson)
Tue Aug 20 03:59:51 1996

Date: Mon, 19 Aug 1996 20:19:25 -0400 (EDT)
From: "Paul D. Robertson" <proberts@clark.net>
To: Jonathan Larmour <JLarmour@origin-at.co.uk>
cc: Frank Parato <fparato@gti.net>, linux-security@tarsier.cv.nrao.edu
In-Reply-To: <1.5.4.16.19960818180536.31af0dcc@gatekeeper>

On Sun, 18 Aug 1996, Jonathan Larmour wrote:

> Surely you must be running syslogd? There are many known problems with
> syslogd to do with buffer overruns, and in particular if your syslogd
> listens on the syslogd UDP port, then that could easily be the trouble. 

Hrm, all the exploits I've seen deal with the syslog library call, not the
daemon, and the Linux libraries have been fixed for a while.  Could you
provide more info on the daemon problems?  

[REW: The deamon problem consists at least of being able to fill someones
harddisk by sending it stuff to be logged. Some systems choke when their
root partition fills....(Denial of service)]

Paul
-----------------------------------------------------------------------------
Paul D. Robertson      "My statements in this message are personal opinions
proberts@clark.net      which may have no basis whatsoever in fact."
                                                                     PSB#9280

home help back first fref pref prev next nref lref last post