Bugtraq mailing list archives
Re: klogd format bug
From: Daniel Jacobowitz <dmj+ () ANDREW CMU EDU>
Date: Tue, 19 Sep 2000 00:19:25 -0400
On Mon, Sep 18, 2000 at 02:15:08PM -0300, Carlos Eduardo Gorges wrote:
Em seg, 18 set 2000, Jouko Pynnönen escreveu:OVERVIEW Kernel logging daemon klogd in the sysklogd package for Linux contains a "format bug" making it vulnerable to local root compromise (successfully tested on Linux/x86). There's also a possibility for remote vulnerability under certain (rather unprobable) circumstances and a more probable semi-remote exploitableness with knfsd.The patch.
As mentioned elsewhere, this patch breaks decoding of priorities in klogd. The correct fix is to upgrade to sysklogd 1.4, available on MetaLab and soon on a vendor near you. Dan /--------------------------------\ /--------------------------------\ | Daniel Jacobowitz |__| SCS Class of 2002 | | Debian GNU/Linux Developer __ Carnegie Mellon University | | dan () debian org | | dmj+ () andrew cmu edu | \--------------------------------/ \--------------------------------/
Current thread:
- Re: klogd format bug Daniel Jacobowitz (Dec 19)