[2349] in bugtraq
SunOS syslog() fix, finally...
daemon@ATHENA.MIT.EDU (Jay 'Whip' Grizzard)
Fri Nov 3 20:53:09 1995
Date: Fri, 3 Nov 1995 12:13:42 -0800
Reply-To: Bugtraq List <BUGTRAQ@CRIMELAB.COM>
From: "Jay 'Whip' Grizzard" <elfchief@LUPINE.ORG>
X-To: bugtraq@CRIMELAB.COM
To: Multiple recipients of list BUGTRAQ <BUGTRAQ@CRIMELAB.COM>
Looks like SUN finally got their libc patch out to fix the syslog() bug --
On sunsolve1.sun.com there is /pub/patches/102545-03.tar.Z, which
is the int'l version of the SunOS 4.1.4 patch, which has in its README,
among other things:
Problem Description:
1220511 --> mktime() doesn't care leap year.
1222421 --> Patch 102545-02 changed clnt_udp.o but should not.
1190985 --> gethostbyname() can trash an existing open file descriptor.
1197137 --> NFS server crashed w/ "Panic: Bad Trap" when NFS client
do a "find" over T1 link.
1182835 --> portmapper silently fails with version mismatch by PC-NFS client.
1219835 --> Syslog(3) can be abused to gain root access on 4.X systems
There is also a 4.1.3_U1 int'l libc jumbo patch (101558-07) that also
claims to fix the bug. Off the top of my head, though, I don't see a
domestic version of the patch -- It should be simple enough to extract
syslog.o from one and drop it in your existing libraries, though... I'm
going to give it a shot later and see what I see.
-WW
