Bugtraq mailing list archives

Previous By Date Next
Previous By Thread Next

Re: What happened to the syslog bug ?

From: gunni () if is (Gunnar Ingvi Thorisson)
Date: Tue, 25 Jun 1996 12:39:45 +0000

Hi there..


In August last year 8LGM released an advisory warning about a syslog
vulnerability. Something to do with a buffer overflow and passing commands
to a remote site. The advisory said that exploit would not be released yet,
in order to give time to vendors to issue patches. Now I understand that
some vendors are pretty slow in acknowledging security problems but it
sounds like they had enough time by now.
Anyone considering posting details on this full disclosure list ?



the sendmail_wrapper.c was updated to prevent this bug, thats about it I
know about sendmail, if you're looking for cure, get this wrapper, it can
be found at any sendmail site. Hope it helps...

Best regards, Gunni...
gunni () if is


=========================================================================
 Gunnar Ingvi Þórisson                      E-Mail address:  gunni () if is
 Kerfisstjóri, system administrator

 Íslensk forritaþróun hf.
 Suðurlandsbraut 4, IS-108 Reykjavík, Ísland
 Sími: (+354) 588-1511  Fax: (+354) 588-8728
=========================================================================
Previous By Date Next
Previous By Thread Next

Current thread: