5494367 2000-09-20  18:21  /170 rader/ Brevbäraren (som är implementerad i) Python
Mottagare: Bugtraq (import) <12876>
Ärende: [CSSA-2000-032.0] Security Problems with syslog/klogd
------------------------------------------------------------
From: Caldera Systems Security <support@PHOENIX.CALDERASYSTEMS.COM>
To: BUGTRAQ@SECURITYFOCUS.COM
Message-ID: <20000920091223.A14361@ns.lst.de>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

______________________________________________________________________________
		   Caldera Systems, Inc.  Security Advisory

Subject:		Security problems in syslogd/klogd
Advisory number: 	CSSA-2000-032.0
Issue date: 		2000 September, 19
Cross reference:
______________________________________________________________________________


1. Problem Description

   Several problems have been discovered in syslogd and klogd,
   the daemon programs responsible for system logging on Linux.

    -	There is a format bug in klogd.
    -	There is a single byte buffer overflow in syslogd.
    -	When given long messages, syslogd broadcasts the
    	message to all users currently logged in.

   There are no known exploits yet, but the first two bugs
   could lead to a root compromise.

2. Vulnerable Versions

   System                       Package
   -----------------------------------------------------------
   OpenLinux Desktop 2.3        All packages previous to
   				sysklogd-1.4-2

   OpenLinux eServer 2.3        All packages previous to
   and OpenLinux eBuilder       sysklogd-1.4-2

   OpenLinux eDesktop 2.4	All packages previous to
                                sysklogd-1.4-2

3. Solution

   Workaround:

   None known. The proper solution is to upgrade to the fixed
   packages.

4. OpenLinux Desktop 2.3

   4.1 Location of Fixed Packages

       The upgrade packages can be found on Caldera's FTP site at:

       ftp://ftp.calderasystems.com/pub/updates/OpenLinux/2.3/current/RPMS/

       The corresponding source code package can be found at:

       ftp://ftp.calderasystems.com/pub/updates/OpenLinux/2.3/current/SRPMS

   4.2 Verification

       211046a507762511c45d31712bfb2485  RPMS/sysklogd-1.4-2.i386.rpm
       6752f208b1f24904e70e170540d83dea  SRPMS/sysklogd-1.4-2.src.rpm

   4.3 Installing Fixed Packages

       Upgrade the affected packages with the following commands:

	  rpm -Fhv sysklogd-1.4-2.i386.rpm

       Stop and restart the syslog service using

	  /etc/rc.d/init.d/syslog stop
	  /etc/rc.d/init.d/syslog start

5. OpenLinux eServer 2.3 and OpenLinux eBuilder for ECential 3.0

   5.1 Location of Fixed Packages

       The upgrade packages can be found on Caldera's FTP site at:

       ftp://ftp.calderasystems.com/pub/updates/eServer/2.3/current/RPMS/

       The corresponding source code package can be found at:

       ftp://ftp.calderasystems.com/pub/updates/eServer/2.3/current/SRPMS

   5.2 Verification

       39c86b8264cbfe9f30cfbbd1ff197f4c  RPMS/sysklogd-1.4-2.i386.rpm
       6752f208b1f24904e70e170540d83dea  SRPMS/sysklogd-1.4-2.src.rpm

   5.3 Installing Fixed Packages

       Upgrade the affected packages with the following commands:

	  rpm -Fhv sysklogd-1.4-2.i386.rpm

       Stop and restart the syslog service using

	  /etc/rc.d/init.d/syslog stop
	  /etc/rc.d/init.d/syslog start

6. OpenLinux eDesktop 2.4

   6.1 Location of Fixed Packages

       The upgrade packages can be found on Caldera's FTP site at:

       ftp://ftp.calderasystems.com/pub/updates/eDesktop/2.4/current/RPMS/

       The corresponding source code package can be found at:

       ftp://ftp.calderasystems.com/pub/updates/eDesktop/2.4/current/SRPMS

   6.2 Verification

       db9028cb2eb7430368ad1fcf3c4a457b  RPMS/sysklogd-1.4-2.i386.rpm
       6752f208b1f24904e70e170540d83dea  SRPMS/sysklogd-1.4-2.src.rpm

   6.3 Installing Fixed Packages

       Upgrade the affected packages with the following commands:

	  rpm -Fhv sysklogd-1.4-2.i386.rpm

       Stop and restart the syslog service using

	  /etc/rc.d/init.d/syslog stop
	  /etc/rc.d/init.d/syslog start

7. References

   This and other Caldera security resources are located at:

   http://www.calderasystems.com/support/security/index.html

   This security fix closes Caldera's internal Problem Report 7693.

8. Disclaimer

   Caldera Systems, Inc. is not responsible for the misuse of any of
   the information we provide on this website and/or through our
   security advisories. Our advisories are a service to our customers
   intended to promote secure installation and use of Caldera
   OpenLinux.

9. Acknowledgements

   Caldera Systems, Inc. wishes to thank the following people

	   Jouko Pynnönen of Online Solutions, Finland
	   Solar Designer
	   Daniel Jacobowski of Debian
	   Martin Schulze, sysklogd maintainer

    for discovering and/or fixing these bugs.
______________________________________________________________________________
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.1 (GNU/Linux)
Comment: For info see http://www.gnupg.org

iD8DBQE5x2NG18sy83A/qfwRAhlhAJ4yhOunYq2jgfgC2tU8qiXJ9rueRQCfR55C
ab/6AeYX1W+TVpRlnpi5iZE=
=fW+0
-----END PGP SIGNATURE-----
(5494367) ------------------------------------------(Ombruten)