Re: syslogd security bug?
From: Alfred Perlstein (bright@mu.org)
Date: 04/29/02
- Next message: Drew Tomlinson: "Re: Stateful IPFW Firewall Assistance"
- Previous message: Piotr Wiejaczka: "syslogd security bug?"
- In reply to: Piotr Wiejaczka: "syslogd security bug?"
- Next in thread: Piotr Wiejaczka: "Re: syslogd security bug?"
- Reply: Piotr Wiejaczka: "Re: syslogd security bug?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Mon, 29 Apr 2002 14:49:29 -0700 From: Alfred Perlstein <bright@mu.org> To: Piotr Wiejaczka <wiejak@alpha.net.pl>
* Piotr Wiejaczka <wiejak@alpha.net.pl> [020429 14:44] wrote:
> Hi all.
>
> %uname -a
> FreeBSD localhost 4.5-STABLE FreeBSD 4.5-STABLE #1: Tue Mar 12 08:20:11 CET
> 2002 root@:/usr/src/sys/compile/OKO2 i386
>
> %cat syslog.c
> #include <syslog.h>
> #include <stdarg.h>
>
> int main(int argc, char *argv[])
> {
> syslog(LOG_EMERG, argv[1]);
> }
>
> %./syslog "blah %x %x %x %x"
>
> Message from syslogd@localhost at Mon Apr 29 23:27:35 2002 ...
> localhost syslog: blah 2807aebe 2 bfbffc5c bfbffd26
>
>
> Looks like we have a format string bug inside syslogd :)
You're kidding right?
Please read the syslog(3) manpage.
-- -Alfred Perlstein [alfred@freebsd.org] 'Instead of asking why a piece of software is using "1970s technology," start asking why software is ignoring 30 years of accumulated wisdom.' Tax deductible donations for FreeBSD: http://www.freebsdfoundation.org/ To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
- Next message: Drew Tomlinson: "Re: Stateful IPFW Firewall Assistance"
- Previous message: Piotr Wiejaczka: "syslogd security bug?"
- In reply to: Piotr Wiejaczka: "syslogd security bug?"
- Next in thread: Piotr Wiejaczka: "Re: syslogd security bug?"
- Reply: Piotr Wiejaczka: "Re: syslogd security bug?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
