[8502] in bugtraq

home help back first fref pref prev next nref lref last post

Re: klogd 1.3-22 buffer overflow

daemon@ATHENA.MIT.EDU (Neil Bright)
Wed Nov 11 13:39:49 1998

Date: 	Wed, 11 Nov 1998 11:12:09 -0500
Reply-To: Neil Bright <ncb@CC.GATECH.EDU>
From: Neil Bright <ncb@CC.GATECH.EDU>
To: BUGTRAQ@NETSPACE.ORG
In-Reply-To:  <Pine.LNX.4.00.9809101023330.545-100000@lcamtuf.ids.pl> from
              "Michal Zalewski" at Sep 10, 98 10:26:06 am

-----BEGIN PGP SIGNED MESSAGE-----

Michal Zalewski wrote the following:

> Good morning,
>
> This time - buffer overflow in Linux klogd daemon from sysklogd-1.3
> package (up to release 22 - affects Red Hat 5.x and Slackware 3.x, no data
> about other distributions).

[snip]

This does appear to affect a (fairly) stock RH5.2 box also.  In my test,
The supplied module code did cause klogd to die...

Relevant RPMS:
  sysklogd-1.3-25
  kernel-2.0.36-0.7     (stock, no kernel rebuild)

+============ 24 68 BF F6 0E 73 53 47 80 E9 27 7D F9 35 58 4B ============+
 Neil Bright              ncb@cc.gatech.edu            IHPCL administrator
 (404) 385-0448                                       College of Computing
 http://www.cc.gatech.edu/projects/ihpcl   Georgia Institute of Technology

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBNkm3SPYNylcsgopZAQHiTwP/RNlnm5qp6QzDsNdSu7qOXIWautgAtfWE
geiXigHgqMNt9++pMm0Rev8IHI6tFJgIyZi6yFoXEhAlBoDdbCV5tLa50v8xv9mQ
oSEpGSXsuEPRsf4j1mpr+E2QDsB6ePfZSMQfHywugEbTmbxYds4e60f2kY8P7e79
95NsP6yaJns=
=ijNd
-----END PGP SIGNATURE-----

home help back first fref pref prev next nref lref last post