Bugtraq mailing list archives
Re: [8lgm]-Advisory-22.UNIX.syslog.2-Aug-1995
From: perry () piermont com (Perry E. Metzger)
Date: Wed, 30 Aug 1995 01:30:07 -0400
Tim Rylance writes:
We have written an example exploit to overwrite syslog(3)'s internal buffer using SunOS sendmail(8).A quick look at the FreeBSD-current syslog.c and the latest sendmail source suggests that a) turning off mail.debug logging in /etc/syslog.conf will protect you (from this particular exploit)
This is a syslog(3) problem, not a syslogd problem, so touching /etc/syslog.conf would do nothing.
b) sendmail 8.6.6 and later take care not to log long strings and
may be safe (from this particular exploit).
I'm not 100% sure of how safe the code is. Given that other daemons are also potentially unsafe I'm being paranoid and just fixing the library. Perry
Current thread:
- Re: [8lgm]-Advisory-22.UNIX.syslog.2-Aug-1995 Christian Wettergren (Aug 29)
- <Possible follow-ups>
- Re: [8lgm]-Advisory-22.UNIX.syslog.2-Aug-1995 Perry E. Metzger (Aug 29)
- Re: [8lgm]-Advisory-22.UNIX.syslog.2-Aug-1995 Slava Kritov (Aug 30)
- Re: [8lgm]-Advisory-22.UNIX.syslog.2-Aug-1995 der Mouse (Aug 31)
- Re: [8lgm]-Advisory-22.UNIX.syslog.2-Aug-1995 Tim Scanlon (Sep 02)
- Re: [8lgm]-Advisory-22.UNIX.syslog.2-Aug-1995 Slava Kritov (Sep 05)
- Discovery: Gain access to root on Linux via NIS Ken Weaverling (Sep 05)
- Re: Discovery: Gain access to root on Linux via NIS Alan Hannan (Sep 07)
- Re: [8lgm]-Advisory-22.UNIX.syslog.2-Aug-1995 Neil Woods (Sep 04)
- Re: [8lgm]-Advisory-22.UNIX.syslog.2-Aug-1995 System Administrator (Sep 11)
- Re: [8lgm]-Advisory-22.UNIX.syslog.2-Aug-1995 Neil Woods (Sep 12)
- Re: [8lgm]-Advisory-22.UNIX.syslog.2-Aug-1995 Karl Strickland (Sep 13)
- Re: [8lgm]-Advisory-22.UNIX.syslog.2-Aug-1995 System Administrator (Sep 11)
(Thread continues...)