SecurityTracker.com
    Home    |    View Topics    |    Search    |    Contact Us    |   

SecurityTracker
Archives


 


Category:   Application (Generic)  >   sysklogd Vendors:   Wettstein, Greg
(Slackware Issues Fix) Sysklogd Memory Allocation Flaw May Let Remote Users Crash the Daemon
SecurityTracker Alert ID:  1010051
SecurityTracker URL:  http://securitytracker.com/id/1010051
CVE Reference:   GENERIC-MAP-NOMATCH   (Links to External Site)
Date:  May 4 2004
Impact:   Denial of service via network
Fix Available:  Yes  Vendor Confirmed:  Yes  
Version(s): 1.4.1, 1.4.1-14
Description:   A vulnerability was reported in sysklogd. A remote user may be able to cause the daemon to crash.

Steve Grubb reported that sysklogd does not allocate enough memory to store all its pointers in the crunch list. A remote user may be able to cause the daemon to write to unallocated memory and crash.

Impact:   A remote user may be able to cause sysklogd to crash.
Solution:   Slackware has released a fix.

Updated package for Slackware 8.1:
ftp://ftp.slackware.com/pub/slackware/slackware-8.1/patches/packages/sysklogd-1.4.1-i386-7.tgz

Updated package for Slackware 9.0:
ftp://ftp.slackware.com/pub/slackware/slackware-9.0/patches/packages/sysklogd-1.4.1-i386-9.tgz

Updated package for Slackware 9.1:
ftp://ftp.slackware.com/pub/slackware/slackware-9.1/patches/packages/sysklogd-1.4.1-i486-9.tgz

Updated package for Slackware -current:
ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/a/sysklogd-1.4.1-i486-9.tgz

The MD5 signatures are:

Slackware 8.1 package:
4bcd73db9029567f73d7131f63421cdd sysklogd-1.4.1-i386-7.tgz

Slackware 9.0 package:
8e7563c3c060641acc2307b0ab8c1402 sysklogd-1.4.1-i386-9.tgz

Slackware 9.1 package:
f97b852f2202af2ed775a2e0c584bc26 sysklogd-1.4.1-i486-9.tgz

Slackware -current package:
5820b02d24994c1b5fff7a62b59dada0 sysklogd-1.4.1-i486-9.tgz

Vendor URL:  www.infodrom.org/projects/sysklogd/ (Links to External Site)
Cause:   Boundary error, State error
Underlying OS:  Linux (Slackware)
Underlying OS Comments:  8.1, 9.0, 9.1, and -current

Message History:   This archive entry is a follow-up to the message listed below.
Apr 29 2004 Sysklogd Memory Allocation Flaw May Let Remote Users Crash the Daemon



 Source Message Contents

Subject:  [slackware-security] sysklogd update (SSA:2004-124-02)



-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

[slackware-security]  sysklogd update (SSA:2004-124-02)

New sysklogd packages are available for Slackware 8.1, 9.0, 9.1, and -current
to fix a security issue where a user could cause syslogd to crash.  Thanks to
Steve Grubb who researched the issue.

Here are the details from the Slackware 9.1 ChangeLog:
+--------------------------+
Sun May  2 17:16:41 PDT 2004
patches/packages/sysklogd-1.4.1-i486-9.tgz:  Patched a bug which could allow
  a user to cause syslogd to write to unallocated memory and crash.
  Thanks to Steve Grubb for finding the bug, and Solar Designer for refining
  the patch.
  (* Security fix *)
+--------------------------+


Where to find the new packages:
+-----------------------------+

Updated package for Slackware 8.1:
ftp://ftp.slackware.com/pub/slackware/slackware-8.1/patches/packages/sysklogd-1.4.1-i386-7.tgz

Updated package for Slackware 9.0:
ftp://ftp.slackware.com/pub/slackware/slackware-9.0/patches/packages/sysklogd-1.4.1-i386-9.tgz

Updated package for Slackware 9.1:
ftp://ftp.slackware.com/pub/slackware/slackware-9.1/patches/packages/sysklogd-1.4.1-i486-9.tgz

Updated package for Slackware -current:
ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/a/sysklogd-1.4.1-i486-9.tgz


MD5 signatures:
+-------------+

Slackware 8.1 package:
4bcd73db9029567f73d7131f63421cdd  sysklogd-1.4.1-i386-7.tgz

Slackware 9.0 package:
8e7563c3c060641acc2307b0ab8c1402  sysklogd-1.4.1-i386-9.tgz

Slackware 9.1 package:
f97b852f2202af2ed775a2e0c584bc26  sysklogd-1.4.1-i486-9.tgz

Slackware -current package:
5820b02d24994c1b5fff7a62b59dada0  sysklogd-1.4.1-i486-9.tgz


Installation instructions:
+------------------------+

First, stop syslogd/klogd:
# . /etc/rc.d/rc.syslog stop

Next, upgrade the package as root:
# upgradepkg sysklogd-1.4.1-i486-9.tgz

Finally, restart the logging system:
# . /etc/rc.d/rc.syslog start


+-----+

Slackware Linux Security Team
http://slackware.com/gpg-key
security@slackware.com

+------------------------------------------------------------------------+
| To leave the slackware-security mailing list:                          |
+------------------------------------------------------------------------+
| Send an email to majordomo@slackware.com with this text in the body of |
| the email message:                                                     |
|                                                                        |
|   unsubscribe slackware-security                                       |
|                                                                        |
| You will get a confirmation message back containing instructions to    |
| complete the process.  Please do not reply to this email address.      |
+------------------------------------------------------------------------+

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (GNU/Linux)

iD8DBQFAlqIpakRjwEAQIjMRAqG2AJ0TfBJ0P668pqrAavmP22Kyy6JeZACeIFFQ
tUnQUODYj4t/dWVN8YKUq8k=
=iQRP
-----END PGP SIGNATURE-----

 
 


Go to the Top of This SecurityTracker Archive Page





Home   |    View Topics   |    Search   |    Contact Us

This web site uses cookies for web analytics. Learn More

Copyright 2021, SecurityGlobal.net LLC