oss-sec mailing list archives
Re: sysklogd vulnerability (CVE-2014-3634)
From: Rainer Gerhards <rgerhards () hq adiscon com>
Date: Fri, 3 Oct 2014 17:16:31 +0200
Today is Germany's national holiday. IIRC it was with 3500000000 or 350000001. I probably can't check today. I think it was on ubuntu 12.04lts fully patched. Sorry i have no better answer at the moment. Rainer Sent from phone, thus brief. Am 03.10.2014 17:01 schrieb "mancha" <mancha1 () zoho com>:
On Fri, Oct 03, 2014 at 01:53:02PM +0200, Rainer Gerhards wrote:I didn't try out sysklogd as I was busy enough with rsyslog BUT I can crash unpatched rsyslog v3 and the code path in question is extremely similar in those two.OK, I just graduated from my crash-course on setting up an unpatched rsyslog 3.22.3 daemon. I've hit it with lots of pri "vals" including: x112, 80000000000000000000000000000000, my lottery numbers, and the magical 3500000000 but am unable to crash it. printline()'s are very similar like you say so it would be worthwhile if we could dig a little. Rainer, would you be able to provide a backtrace? or be more specific about the steps you took to crash it? --mancha PS I've taken Joey off the CC list because he's not expressed any interest in this and is probably busy adding to his spamassassin rulesets.
Current thread:
- sysklogd vulnerability (CVE-2014-3634) mancha (Oct 03)
- Re: sysklogd vulnerability (CVE-2014-3634) mancha (Oct 03)
- Re: sysklogd vulnerability (CVE-2014-3634) Solar Designer (Oct 03)
- Re: sysklogd vulnerability (CVE-2014-3634) Rainer Gerhards (Oct 03)
- Re: sysklogd vulnerability (CVE-2014-3634) mancha (Oct 03)
- Re: sysklogd vulnerability (CVE-2014-3634) Rainer Gerhards (Oct 03)
- Re: sysklogd vulnerability (CVE-2014-3634) mancha (Oct 03)
- Re: sysklogd vulnerability (CVE-2014-3634) Rainer Gerhards (Oct 05)
- Re: sysklogd vulnerability (CVE-2014-3634) mancha (Oct 06)
- Re: sysklogd vulnerability (CVE-2014-3634) Solar Designer (Oct 03)
- Re: sysklogd vulnerability (CVE-2014-3634) mancha (Oct 03)
- Re: sysklogd vulnerability (CVE-2014-3634) mancha (Oct 03)