Home page logo

bugtraq logo Bugtraq mailing list archives

Re: [8lgm]-Advisory-22.UNIX.syslog.2-Aug-1995
From: jas () flyingfox COM (Jim Shankland)
Date: Fri, 22 Sep 1995 09:27:34 -0700

Casper Dik <casper () Holland Sun COM> write:

The simple facts are:
        - all sendmails are vulnerable
        - it's a syslog() problem, not really a sendmail problem.

Well, sort of.  sendmail 8.6.12 jumps through all sorts of hoops
to limit the size of its syslog() output.  You're right, of course,
that it really is a syslog() bug, and that's where the fix needs
to be.  The output-limiting stuff in 8.6.12 is a hack, but it
*looks* as thought it would prevent this attack.  For all the
obvious reasons, it's still essential to fix syslog().  Still, it
would have been more accurate to say:

The simple facts are:
        - all sendmails are vulnerable, BUT some are much
        more vulnerable than others.

Jim Shankland
Flying Fox Computer Systems, Inc.

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]