Home page logo

bugtraq logo Bugtraq mailing list archives

Re: klogd format bug
From: Carlos Eduardo Gorges <carlos () TECHLINUX COM BR>
Date: Mon, 18 Sep 2000 14:15:08 -0300

Em seg, 18 set 2000, Jouko Pynnönen escreveu:

Kernel logging daemon klogd in the sysklogd package for Linux contains a
"format bug" making it vulnerable to local root compromise (successfully
tested on Linux/x86). There's also a possibility for remote vulnerability
under certain (rather unprobable)  circumstances and a more probable
semi-remote exploitableness with knfsd.

The patch.
         Carlos E Gorges
         (carlos () techlinux com br)
         Tech informática LTDA

Attachment: sysklogd-1.3-31-formatbug.diff.bz2

  By Date           By Thread  

Current thread:
  • klogd format bug Jouko Pynnönen (Sep 18)
    • Re: klogd format bug Carlos Eduardo Gorges (Sep 18)
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]