|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
Re: [Linux] klogd 1.3-22 buffer overflow
security
PENGUIN.NET.AUWed, 18 Nov 1998 12:22:29 +0800
- Messages sorted by: [ date ][ thread ][ subject ][ author ]
- Next message: Mike: "Re: [Linux] klogd 1.3-22 buffer overflow"
- Previous message: David LeBlanc: "Re: NAI-30: Windows NT SNMP Vulnerabilities"
- In reply to: Martin Schulze: "Re: [Linux] klogd 1.3-22 buffer overflow"
- Next in thread: Michal Zalewski: "Re: [Linux] klogd 1.3-22 buffer overflow"
Hi,
I am personally a bit mixed up now...
This is what I have just read on the RedHat updates page:
--------------------------------------------
Red Hat would like to thank Michal Zalewski (lcamtufIDS.PL) and the
members of
the Bugtraq mailing list for discovering this problem and providing a
fix.
Users of Red Hat Linux are recommended to upgrade to the new packages
ava
--------------------------------------------------
The page is at
http://www.redhat.com/support/docs/rhl/rh52-errata-general.html.
...shall I trust Redhat, now? :-?
Merc.
> I'm the co-maintainer of the Linux sysklogd package which contains the
> klogd program for which a buffer overrun has been reported last week.
>
> First of all I'd like to complain about two things:
>
> a) The reports weren't made against the current version of the
> package. The source for it is well known on sunsite.unc.edu as
> well as various mirrors.
[SNIP]
- Next message: Mike: "Re: [Linux] klogd 1.3-22 buffer overflow"
- Previous message: David LeBlanc: "Re: NAI-30: Windows NT SNMP Vulnerabilities"
- In reply to: Martin Schulze: "Re: [Linux] klogd 1.3-22 buffer overflow"
- Next in thread: Michal Zalewski: "Re: [Linux] klogd 1.3-22 buffer overflow"