[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

sysklogd HACK

Here is info I found on the redhat.com system about the sysklogd Hack. Is
anyone working on a fix for this?


Ken Rea
Package: Sysklogd 

Updated: 01-Apr-1999 


     (01-Apr-1999):Security Fix 

     An overflow in the parsing code could lead to crashes of the system

     Red Hat would like to thank the members of the BUGTRAQ mailing list,
the members of the Linux Security Audit team,
     and others. All users of Red Hat Linux are encouraged to upgrade to
the new packages immediately. As always, these
     packages have been signed with the Red Hat PGP key. 
     (17-Nov-1998):Security Fix 

     A buffer overflow has been identified in all versions of the sysklogd
packages shipped with Red Hat Linux. As the time
     of this post there are no known exploits for this security

     Red Hat would like to thank Michal Zalewski (lcamtuf@IDS.PL) and the
members of the Bugtraq mailing list for
     discovering this problem and providing a fix. 

     Users of Red Hat Linux are recommended to upgrade to the new packages
available under updates directory on our ftp


     Intel: Upgrade to: 
     rpm -Uvh
     Alpha: Upgrade to: 
     rpm -Uvh
     Sparc: Upgrade to: 
     rpm -Uvh

Reply to: