Bugtraq mailing list archives
Re: klogd format bug
From: Carlos Eduardo Gorges <carlos () TECHLINUX COM BR>
Date: Mon, 18 Sep 2000 14:15:08 -0300
Em seg, 18 set 2000, Jouko Pynnönen escreveu:
OVERVIEW Kernel logging daemon klogd in the sysklogd package for Linux contains a "format bug" making it vulnerable to local root compromise (successfully tested on Linux/x86). There's also a possibility for remote vulnerability under certain (rather unprobable) circumstances and a more probable semi-remote exploitableness with knfsd.
The patch. -- _________________________ Carlos E Gorges (carlos () techlinux com br) Tech informática LTDA Brazil _________________________
Attachment:
sysklogd-1.3-31-formatbug.diff.bz2
Description:
Current thread:
- klogd format bug Jouko Pynnönen (Sep 18)
- Re: klogd format bug Carlos Eduardo Gorges (Sep 18)