Bugtraq mailing list archives

Re: [8lgm]-Advisory-22.UNIX.syslog.2-Aug-1995


From: scorp () un kiev ua (Slava Kritov)
Date: Tue, 5 Sep 1995 14:26:49 +0300


Hi !

has anyone bothered to check IRIX, OSF, etc. etc. etc. ?

I've already posted some testing of FreeBSD & OSF 3.2 ( Digital Unix ) in
certain security-related newsgroups, so sorry for dupes all who had read
that already.

Tests show that
a) FreeBSD 1.1.5.1 - max buffer size ~ 1700, the calling program
coredumps on 11. Although this is NOT the major problem, since sendmail
by itself ( at least 8.6.12 ) conducts extensive tests on values fed in
thus making this direction of attacks highly improbable.
b) Dec Alpha AXP 2100 OSF 3.2 ( Digital Unix from now & forever :) -
max buffer size ~1600, silently ignores longer messages, no malfunctions
/ posteffects detected


I'd like to see some sort of a robust test for the freaking
thing that wasn't platform dependent, or at least had good
assurance of addressing the problem.

Why not, that base program that was posted doesn't require modifications
to run on my platforms ( Dec, PC ).
I actually added a short loop incrementing the length of the buffer in
100-byte chunks.
The only thing you should check is the log level - some syslogd's have
certain levels disabled/specifically configured etc.

just my whacky perceptions... Really neither here nor there.

The only person you can trust in this world is yourself ....
Maybe ...
;)

________________________________________________________________
tfs () vampire science gmu edu (NeXTmail, MIME)  Tim Scanlon
      ^^^^^^^
[flames off]
This should partially explain the dark mood of the author ;)

Best
        Slava
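
The stepped-length check described in the message above, as an added example that is not part of the original post or of the program it refers to: each length is logged from a child process, so a crash inside syslog() is reported as a signal number instead of ending the run. The names probe_syslog and first_failing_length, the 4000-byte ceiling and the LOG_ERR priority are assumptions.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <syslog.h>
#include <sys/wait.h>
#include <unistd.h>

/* Log one len-byte message from a child. Returns 0 on clean exit, the
 * signal number if the child was killed (11 = SIGSEGV), -1 on error. */
int probe_syslog(size_t len, int priority)
{
    pid_t pid = fork();
    if (pid < 0) return -1;
    if (pid == 0) {
        char *msg = malloc(len + 1);
        if (msg == NULL)
            _exit(2);
        memset(msg, 'A', len);              /* constructed filler payload */
        msg[len] = '\0';
        openlog("syslog-probe", LOG_PID, LOG_USER);
        syslog(priority, "%s", msg);        /* fixed format, data as argument */
        closelog();
        _exit(0);
    }
    int status;
    if (waitpid(pid, &status, 0) < 0)
        return -1;
    if (WIFSIGNALED(status))
        return WTERMSIG(status);
    return WEXITSTATUS(status) == 0 ? 0 : -1;
}

/* Step in 100-byte chunks; return first length that died on a signal, else 0. */
size_t first_failing_length(size_t max, int priority)
{
    for (size_t len = 100; len <= max; len += 100) {
        int r = probe_syslog(len, priority);
        printf("len=%zu -> %s (%d)\n", len, r == 0 ? "ok" : "FAILED", r);
        if (r > 0)
            return len;
    }
    return 0;
}

int main(void)
{
    /* Assumed priority: pick one your syslogd records, then compare the log. */
    return first_failing_length(4000, LOG_ERR) == 0 ? 0 : 1;
}
```

A clean exit only shows that the caller survived; whether long messages were truncated or silently dropped has to be read from the log file for the chosen priority.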


