Bugtraq mailing list archives

Re: [8lgm]-Advisory-22.UNIX.syslog.2-Aug-1995

From: tkr () puffball demon co uk (Tim Rylance)
Date: Tue, 29 Aug 1995 10:32:05 +0100

       We have written an example exploit to overwrite syslog(3)'s
       internal buffer using SunOS sendmail(8).


A quick look at the FreeBSD-current syslog.c and the latest sendmail
source suggests that

 a) turning off mail.debug logging in /etc/syslog.conf will protect you
    (from this particular exploit)

 b) sendmail 8.6.6 and later take care not to log long strings and
    may be safe (from this particular exploit).

Can anyone confirm or refute?

Tim
--
Tim Rylance <tkr () puffball demon co uk>

Current thread:

Re: [8lgm]-Advisory-22.UNIX.syslog.2-Aug-1995 Tim Rylance (Aug 29)
- Re: [8lgm]-Advisory-22.UNIX.syslog.2-Aug-1995 Jay 'Whip' Grizzard (Aug 29)
- Re: [8lgm]-Advisory-22.UNIX.syslog.2-Aug-1995 Christian Wettergren (Aug 29)
- <Possible follow-ups>
- Re: [8lgm]-Advisory-22.UNIX.syslog.2-Aug-1995 der Mouse (Aug 29)
- Re: [8lgm]-Advisory-22.UNIX.syslog.2-Aug-1995 Panzer Boy (Aug 31)