Bugtraq mailing list archives
Re: klogd 1.3-22 buffer overflow
From: peter () ATTIC VUURWERK NL (Peter van Dijk)
Date: Thu, 12 Nov 1998 01:43:16 +0100
On Wed, Nov 11, 1998 at 11:12:09AM -0500, Neil Bright wrote:
> Michal Zalewski wrote the following:
> > Good morning,
> > This time - buffer overflow in Linux klogd daemon from sysklogd-1.3
> > package (up to release 22 - affects Red Hat 5.x and Slackware 3.x, no data
> > about other distributions).
>
> [snip]
>
> This does appear to affect a (fairly) stock RH5.2 box also. In my test,
> the supplied module code did cause klogd to die...
>
> Relevant RPMS:
> sysklogd-1.3-25
> kernel-2.0.36-0.7 (stock, no kernel rebuild)

Same on Slackware 3.4 (kernel updated to 2.0.35).

[root@koek] ~# klogd -v
klogd 1.3-0

But attaching gdb to klogd shows that the character the buffer is filled with
only appears in eax and even there only in the lowest 8 bits.. Is this still
exploitable?

Greetz, Peter.
--
'I guess anybody who walks away from a root shell at  : Peter van Dijk
 a nerd party gets what they deserve!' -- BillSF      : peter@attic.vuurwerk.nl
finger hardbeat () flits104-161 flits rug nl for my public PGP-key