Bugtraq mailing list archives
Re: [8lgm]-Advisory-22.UNIX.syslog.2-Aug-1995
From: karl () bagpuss demon co uk (Karl Strickland)
Date: Wed, 13 Sep 1995 18:55:10 +0100
3) Rampant hacking would ensue. As for vulnerability, I believe both FreeBSD and Linux have fixes available.libc4.7.2 fixed it in May.
Hmm I cant find any libc4.7.2 for FreeBSD, so I'm a confused as to which libc you mean.
I had assumed that their fix and log in the libc was what had sparked the alert..
First I've heard of libc4.7.2; but given that it was fixed in there in May, was anyone else alerted to the presence of a bug so that other OS's could be checked?
ah well wrong again 8) AlanP.S. Next time this kind of bug crops up, expect exploits to be available much more quickly - modifying an exploit for syslog() would be extremely straightforward :-|PS: Have a look at the source code of tin very carefully in that case.
why?
--
------------------------------------------+-----------------------------------
Mailed using ELM on FreeBSD | Karl Strickland
PGP 2.3a Public Key Available. | Internet: karl () bagpuss demon co uk
|
Current thread:
- Re: [8lgm]-Advisory-22.UNIX.syslog.2-Aug-1995, (continued)
- Re: [8lgm]-Advisory-22.UNIX.syslog.2-Aug-1995 Perry E. Metzger (Aug 29)
- Re: [8lgm]-Advisory-22.UNIX.syslog.2-Aug-1995 Slava Kritov (Aug 30)
- Re: [8lgm]-Advisory-22.UNIX.syslog.2-Aug-1995 der Mouse (Aug 31)
- Re: [8lgm]-Advisory-22.UNIX.syslog.2-Aug-1995 Tim Scanlon (Sep 02)
- Re: [8lgm]-Advisory-22.UNIX.syslog.2-Aug-1995 Slava Kritov (Sep 05)
- Discovery: Gain access to root on Linux via NIS Ken Weaverling (Sep 05)
- Re: Discovery: Gain access to root on Linux via NIS Alan Hannan (Sep 07)
- Re: [8lgm]-Advisory-22.UNIX.syslog.2-Aug-1995 Neil Woods (Sep 04)
- Re: [8lgm]-Advisory-22.UNIX.syslog.2-Aug-1995 System Administrator (Sep 11)
- Re: [8lgm]-Advisory-22.UNIX.syslog.2-Aug-1995 Neil Woods (Sep 12)
- Re: [8lgm]-Advisory-22.UNIX.syslog.2-Aug-1995 Karl Strickland (Sep 13)
- Re: [8lgm]-Advisory-22.UNIX.syslog.2-Aug-1995 System Administrator (Sep 14)
- Re: [8lgm]-Advisory-22.UNIX.syslog.2-Aug-1995 System Administrator (Sep 11)
- Livingston bugs... Jay 'Whip' Grizzard (Sep 12)
- Re: Livingston bugs... Phillip Moore (Sep 12)
- Re: Livingston bugs... Dave Andersen (Sep 12)
- Re: Livingston bugs... Mike A Lyons (Sep 12)
- LACC Julian Assange (Sep 13)
- Re: [8lgm]-Advisory-22.UNIX.syslog.2-Aug-1995 Charles Sumner (Sep 14)
- Re: [8lgm]-Advisory-22.UNIX.syslog.2-Aug-1995 Goetz von Escher (Sep 18)
- Re: [8lgm]-Advisory-22.UNIX.syslog.2-Aug-1995 Doug Hughes (Sep 18)
- Re: [8lgm]-Advisory-22.UNIX.syslog.2-Aug-1995 Scott Barman (Sep 18)