[8502] in bugtraq
Re: klogd 1.3-22 buffer overflow
daemon@ATHENA.MIT.EDU (Neil Bright)
Wed Nov 11 13:39:49 1998
Date: Wed, 11 Nov 1998 11:12:09 -0500
Reply-To: Neil Bright <ncb@CC.GATECH.EDU>
From: Neil Bright <ncb@CC.GATECH.EDU>
To: BUGTRAQ@NETSPACE.ORG
In-Reply-To: <Pine.LNX.4.00.9809101023330.545-100000@lcamtuf.ids.pl> from
"Michal Zalewski" at Sep 10, 98 10:26:06 am
-----BEGIN PGP SIGNED MESSAGE-----
Michal Zalewski wrote the following:
> Good morning,
>
> This time - buffer overflow in Linux klogd daemon from sysklogd-1.3
> package (up to release 22 - affects Red Hat 5.x and Slackware 3.x, no data
> about other distributions).
[snip]
This does appear to affect a (fairly) stock RH5.2 box also. In my test,
The supplied module code did cause klogd to die...
Relevant RPMS:
sysklogd-1.3-25
kernel-2.0.36-0.7 (stock, no kernel rebuild)
+============ 24 68 BF F6 0E 73 53 47 80 E9 27 7D F9 35 58 4B ============+
Neil Bright ncb@cc.gatech.edu IHPCL administrator
(404) 385-0448 College of Computing
http://www.cc.gatech.edu/projects/ihpcl Georgia Institute of Technology
-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
iQCVAwUBNkm3SPYNylcsgopZAQHiTwP/RNlnm5qp6QzDsNdSu7qOXIWautgAtfWE
geiXigHgqMNt9++pMm0Rev8IHI6tFJgIyZi6yFoXEhAlBoDdbCV5tLa50v8xv9mQ
oSEpGSXsuEPRsf4j1mpr+E2QDsB6ePfZSMQfHywugEbTmbxYds4e60f2kY8P7e79
95NsP6yaJns=
=ijNd
-----END PGP SIGNATURE-----