Bugtraq mailing list archives
RedHat sysklogd vulnerability
From: visi () CMU EDU (Cory Visi)
Date: Tue, 16 Feb 1999 02:22:56 -0500
I'd like to apologize for being so late with this e-mail as I have known about this problem for months. The vulnerability was discussed in a Thu, 10 Sep 1998 BugTraq e-mail by Michal Zalewski (lcamtuf () IDS PL). I replied to it with a quick patch. Here are some lines from my e-mail:
I'm not completely happy with this, as it modifies the reference parameter, ptr, but it will solve the problem. However, later on:

ExpandKadds(line, eline)

Where eline is the same size as line. I think the real solution is to make sure the buffer is larger (LOG_LINE_LENGTH) like Michal said, and make sure modules and programs don't generate absurdly long messages, because you can't be certain how much room is necessary for the expanded symbols. It would be nice if ExpandKadds() allocated memory dynamically, but it doesn't.
RedHat immediately issued a "fix" to their current package: sysklogd-1.3-26

This "fix" is merely my patch (and nothing more). My patch DOES NOT fix the problem. As discussed by the package co-maintainer (Martin Schulze (joey () FINLANDIA INFODROM NORTH DE)) the bug is fixed in the latest sysklogd package (1.3-30). In fact, the bug was fixed in 1996.

What this comes down to is that any Linux distribution running an old sysklogd package (namely RedHat all versions) STILL has a potential (rather obscure) buffer overflow. They need to upgrade to the latest version ASAP. I e-mailed bugzilla () redhat com and got no response.

Thank you,

.-. ,~~-. .-~~-. ~._'_.' \_ \ / `~~- | `~- \ / `.__.-'ory \/isi
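
Added example, not part of the original post and not sysklogd's code: a symbol expander that measures the expanded length in a first pass and allocates exactly that much, so the output can never outgrow its buffer the way a fixed eline the same size as line can. The `[<hex>]` token format, the symbol table and the names `expand_into` and `expand_addrs` are assumptions made for illustration.

```c
#include <ctype.h>
#include <stdlib.h>
#include <string.h>

/* Constructed symbol table (assumption, not klogd's data). */
static const struct { unsigned long addr; const char *name; } symtab[] = {
    { 0xc0101000UL, "hypothetical_symbol_with_a_long_name_one" },
    { 0xc0102000UL, "hypothetical_symbol_with_a_long_name_two" },
};

static const char *lookup(unsigned long addr)
{
    for (size_t i = 0; i < sizeof symtab / sizeof symtab[0]; i++)
        if (symtab[i].addr == addr) return symtab[i].name;
    return NULL;
}

/* Expand "[<hex>]" to "[<hex>] name". Writes to out if non-NULL; returns length without NUL. */
static size_t expand_into(const char *line, char *out)
{
    size_t n = 0;
    while (*line != '\0') {
        const char *name = NULL;
        char *end;
        size_t tok = 1;                          /* default: copy one byte */
        if (line[0] == '[' && line[1] == '<' && isxdigit((unsigned char)line[2])) {
            unsigned long addr = strtoul(line + 2, &end, 16);
            if (end[0] == '>' && end[1] == ']' && (name = lookup(addr)) != NULL)
                tok = (size_t)(end - line) + 2;  /* whole "[<hex>]" token */
        }
        if (out != NULL) memcpy(out + n, line, tok);
        n += tok;
        if (name != NULL) {                      /* output grows beyond the input here */
            if (out != NULL) { out[n] = ' '; memcpy(out + n + 1, name, strlen(name)); }
            n += 1 + strlen(name);
        }
        line += tok;
    }
    if (out != NULL) out[n] = '\0';
    return n;
}

/* Returns a malloc'd expansion sized by the measuring pass, or NULL; caller frees. */
char *expand_addrs(const char *line)
{
    char *out = malloc(expand_into(line, NULL) + 1);
    if (out != NULL) expand_into(line, out);
    return out;
}
```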