[2174] in bugtraq


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

Re: [8lgm]-Advisory-22.UNIX.syslog.2-Aug-1995

daemon@ATHENA.MIT.EDU (Tim Rylance)
Wed Aug 30 00:25:54 1995

Date:         Tue, 29 Aug 1995 10:32:05 +0100
Reply-To: Bugtraq List <BUGTRAQ@CRIMELAB.COM>
From: Tim Rylance <tkr@puffball.demon.co.uk>
X-To:         Bugtraq List <BUGTRAQ@CRIMELAB.COM>
To: Multiple recipients of list BUGTRAQ <BUGTRAQ@CRIMELAB.COM>

>        We have written an example exploit to overwrite syslog(3)'s
>        internal buffer using SunOS sendmail(8).

A quick look at the FreeBSD-current syslog.c and the latest sendmail
source suggests that

 a) turning off mail.debug logging in /etc/syslog.conf will protect you
    (from this particular exploit)

 b) sendmail 8.6.6 and later take care not to log long strings and
    may be safe (from this particular exploit).

Can anyone confirm or refute?

Tim
--
Tim Rylance <tkr@puffball.demon.co.uk>


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

[2174] in bugtraq

Re: [8lgm]-Advisory-22.UNIX.syslog.2-Aug-1995

daemon@ATHENA.MIT.EDU (Tim Rylance)Wed Aug 30 00:25:54 1995

daemon@ATHENA.MIT.EDU (Tim Rylance)
Wed Aug 30 00:25:54 1995