[16843] in bugtraq
[CSSA-2000-032.0] Security Problems with syslog/klogd
daemon@ATHENA.MIT.EDU (Caldera Systems Security)
Wed Sep 20 13:07:51 2000
Message-ID: <20000920091223.A14361@ns.lst.de>
Date: Wed, 20 Sep 2000 09:12:23 +0200
Reply-To: Caldera Systems Security <support@PHOENIX.CALDERASYSTEMS.COM>
From: Caldera Systems Security <support@PHOENIX.CALDERASYSTEMS.COM>
To: BUGTRAQ@SECURITYFOCUS.COM
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
______________________________________________________________________________
Caldera Systems, Inc. Security Advisory
Subject: Security problems in syslogd/klogd
Advisory number: CSSA-2000-032.0
Issue date: 2000 September, 19
Cross reference:
______________________________________________________________________________
1. Problem Description
Several problems have been discovered in syslogd and klogd,
the daemon programs responsible for system logging on Linux.
- There is a format string bug in klogd.
- There is a single-byte buffer overflow in syslogd.
- When given long messages, syslogd broadcasts the
  message to all users currently logged in.
There are no known exploits yet, but the first two bugs
could lead to a root compromise.
2. Vulnerable Versions
System                        Package
-----------------------------------------------------------
OpenLinux Desktop 2.3         All packages previous to
                              sysklogd-1.4-2
OpenLinux eServer 2.3         All packages previous to
and OpenLinux eBuilder        sysklogd-1.4-2
OpenLinux eDesktop 2.4        All packages previous to
                              sysklogd-1.4-2
3. Solution
Workaround:
None known. The proper solution is to upgrade to the fixed
packages.
4. OpenLinux Desktop 2.3
4.1 Location of Fixed Packages
The upgrade packages can be found on Caldera's FTP site at:
ftp://ftp.calderasystems.com/pub/updates/OpenLinux/2.3/current/RPMS/
The corresponding source code package can be found at:
ftp://ftp.calderasystems.com/pub/updates/OpenLinux/2.3/current/SRPMS
4.2 Verification
211046a507762511c45d31712bfb2485 RPMS/sysklogd-1.4-2.i386.rpm
6752f208b1f24904e70e170540d83dea SRPMS/sysklogd-1.4-2.src.rpm
4.3 Installing Fixed Packages
Upgrade the affected packages with the following command:
    rpm -Fhv sysklogd-1.4-2.i386.rpm
Stop and restart the syslog service using:
    /etc/rc.d/init.d/syslog stop
    /etc/rc.d/init.d/syslog start
5. OpenLinux eServer 2.3 and OpenLinux eBuilder for ECential 3.0
5.1 Location of Fixed Packages
The upgrade packages can be found on Caldera's FTP site at:
ftp://ftp.calderasystems.com/pub/updates/eServer/2.3/current/RPMS/
The corresponding source code package can be found at:
ftp://ftp.calderasystems.com/pub/updates/eServer/2.3/current/SRPMS
5.2 Verification
39c86b8264cbfe9f30cfbbd1ff197f4c RPMS/sysklogd-1.4-2.i386.rpm
6752f208b1f24904e70e170540d83dea SRPMS/sysklogd-1.4-2.src.rpm
5.3 Installing Fixed Packages
Upgrade the affected packages with the following command:
    rpm -Fhv sysklogd-1.4-2.i386.rpm
Stop and restart the syslog service using:
    /etc/rc.d/init.d/syslog stop
    /etc/rc.d/init.d/syslog start
6. OpenLinux eDesktop 2.4
6.1 Location of Fixed Packages
The upgrade packages can be found on Caldera's FTP site at:
ftp://ftp.calderasystems.com/pub/updates/eDesktop/2.4/current/RPMS/
The corresponding source code package can be found at:
ftp://ftp.calderasystems.com/pub/updates/eDesktop/2.4/current/SRPMS
6.2 Verification
db9028cb2eb7430368ad1fcf3c4a457b RPMS/sysklogd-1.4-2.i386.rpm
6752f208b1f24904e70e170540d83dea SRPMS/sysklogd-1.4-2.src.rpm
6.3 Installing Fixed Packages
Upgrade the affected packages with the following command:
    rpm -Fhv sysklogd-1.4-2.i386.rpm
Stop and restart the syslog service using:
    /etc/rc.d/init.d/syslog stop
    /etc/rc.d/init.d/syslog start
7. References
This and other Caldera security resources are located at:
http://www.calderasystems.com/support/security/index.html
This security fix closes Caldera's internal Problem Report 7693.
8. Disclaimer
Caldera Systems, Inc. is not responsible for the misuse of any of the
information we provide on this website and/or through our security
advisories. Our advisories are a service to our customers intended to
promote secure installation and use of Caldera OpenLinux.
9. Acknowledgements
Caldera Systems, Inc. wishes to thank the following people:
    Jouko Pynnönen of Online Solutions, Finland
    Solar Designer
    Daniel Jacobowitz of Debian
    Martin Schulze, sysklogd maintainer
for discovering and/or fixing these bugs.
______________________________________________________________________________
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.1 (GNU/Linux)
Comment: For info see http://www.gnupg.org
iD8DBQE5x2NG18sy83A/qfwRAhlhAJ4yhOunYq2jgfgC2tU8qiXJ9rueRQCfR55C
ab/6AeYX1W+TVpRlnpi5iZE=
=fW+0
-----END PGP SIGNATURE-----
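
The Verification sections (4.2, 5.2, 6.2) list a different MD5 for sysklogd-1.4-2.i386.rpm on each product, so a download has to be checked against the right section before running rpm -Fhv. The script below is an added example, not part of the advisory or Caldera's tooling; the product labels, the function names and the script name in the usage comment are assumptions made for illustration, and the checksums are the ones printed above.

```shell
#!/bin/sh
# Added example, not Caldera's code. Checksums are copied from the advisory's
# sections 4.2, 5.2 and 6.2; the product labels in column 1 are made up here.
# sysklogd-1.4-2.i386.rpm has a different MD5 for each product line, so a
# package built for another product fails the check for yours.
ADVISORY_SUMS='Desktop-2.3 211046a507762511c45d31712bfb2485 sysklogd-1.4-2.i386.rpm
eServer-2.3 39c86b8264cbfe9f30cfbbd1ff197f4c sysklogd-1.4-2.i386.rpm
eDesktop-2.4 db9028cb2eb7430368ad1fcf3c4a457b sysklogd-1.4-2.i386.rpm
source 6752f208b1f24904e70e170540d83dea sysklogd-1.4-2.src.rpm'

# match_product FILE [TABLE]
# Print every product label whose listed MD5 and file name match FILE.
# Returns 0 if at least one matched, 1 if none, 2 if FILE is unreadable.
match_product() {
    mp_file=$1
    mp_table=${2:-$ADVISORY_SUMS}
    [ -r "$mp_file" ] || { echo "cannot read $mp_file" >&2; return 2; }
    mp_actual=$(md5sum < "$mp_file" | cut -d' ' -f1)
    mp_name=$(basename "$mp_file")
    printf '%s\n' "$mp_table" | while read -r product sum pkg; do
        if [ "$pkg" = "$mp_name" ] && [ "$sum" = "$mp_actual" ]; then
            echo "$product"
        fi
    done | grep .
}

# verified_for FILE PRODUCT [TABLE]
# Succeed only if FILE matches the checksum listed for PRODUCT.
verified_for() {
    match_product "$1" "${3:-$ADVISORY_SUMS}" 2>/dev/null | grep -qxF -- "$2"
}

# Usage: sh verify-sysklogd.sh sysklogd-1.4-2.i386.rpm eDesktop-2.4
if [ "$#" -eq 2 ]; then
    if verified_for "$1" "$2"; then
        echo "OK: $1 matches the advisory checksum for $2"
    else
        echo "MISMATCH for $2; file matches: $(match_product "$1" || echo none)" >&2
        exit 1
    fi
fi
```

An MD5 match only shows the file is the one the advisory describes; the sums themselves are trustworthy only as far as the PGP signature on the advisory has been verified.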