Bugtraq mailing list archives
Re: [8lgm]-Advisory-22.UNIX.syslog.2-Aug-1995
From: tkr () puffball demon co uk (Tim Rylance)
Date: Tue, 29 Aug 1995 10:32:05 +0100
We have written an example exploit to overwrite syslog(3)'s internal buffer using SunOS sendmail(8).
A quick look at the FreeBSD-current syslog.c and the latest sendmail source suggests that

a) turning off mail.debug logging in /etc/syslog.conf will protect you (from this particular exploit)

b) sendmail 8.6.6 and later take care not to log long strings and may be safe (from this particular exploit).

Can anyone confirm or refute?

Tim
--
Tim Rylance <tkr () puffball demon co uk>
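The second point in the message above, a caller that takes care not to hand long strings to syslog(3), sketched as an added example that is not code from the post, the advisory or sendmail. The function names, the 80-byte field cap and the 256-byte line cap are assumptions chosen for illustration.

```c
#include <stdio.h>
#include <string.h>
#include <syslog.h>

#define MAX_FIELD 80    /* assumed per-field cap, not a value from sendmail */
#define MAX_LINE  256   /* assumed cap on the whole formatted line */

/* Copy at most MAX_FIELD bytes of src into dst (capacity dstsz) and end a
 * truncated copy with "..." so the cut is visible in the log.
 * Returns the number of bytes stored, not counting the NUL. */
size_t clamp_field(char *dst, size_t dstsz, const char *src)
{
    size_t limit = MAX_FIELD, n = 0;
    if (dstsz == 0)
        return 0;
    if (limit > dstsz - 1)
        limit = dstsz - 1;
    while (n < limit && src[n] != '\0') {
        dst[n] = src[n];
        n++;
    }
    if (src[n] != '\0' && n >= 3)
        memcpy(dst + n - 3, "...", 3);
    dst[n] = '\0';
    return n;
}

/* Build the line with snprintf into a fixed buffer.
 * Returns its length, or -1 if it did not fit. */
int format_mail_log(char *line, size_t linesz, const char *from, const char *to)
{
    char f[MAX_FIELD + 1], t[MAX_FIELD + 1];
    int n;
    clamp_field(f, sizeof f, from);
    clamp_field(t, sizeof t, to);
    n = snprintf(line, linesz, "from=%s, to=%s", f, t);
    return (n < 0 || (size_t)n >= linesz) ? -1 : n;
}

int main(void)
{
    char huge[4096], line[MAX_LINE];
    memset(huge, 'A', sizeof huge - 1);      /* constructed oversized input */
    huge[sizeof huge - 1] = '\0';
    if (format_mail_log(line, sizeof line, huge, "user@example.org") < 0)
        return 1;
    openlog("clampdemo", LOG_PID, LOG_MAIL);
    syslog(LOG_DEBUG, "%s", line);           /* constant format, bounded data */
    closelog();
    return 0;
}
```

Bounding the data in the caller limits what reaches syslog(3) whatever the library does internally, which is why the message scopes both points to "this particular exploit".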