igorphysics.uiuc.edu

• Next message: Igor Roshchin: "Re: yet another idea about /etc/security"
• Previous message: Garrett Wollman: "Re: review: simple syslog.conf,newsyslog.conf patch with sample logging"
• Next in thread: Ben Smithurst: "Re: Is there a buffer overflow in pidentd-2.8.5 ?"
• Reply: Ben Smithurst: "Re: Is there a buffer overflow in pidentd-2.8.5 ?"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Hello,

I've noticed that identd (pidentd-2.8.5)
dumped a core:

Feb 6 03:42:05 <kern.info> myhost /kernel: pid 12494 (identd), uid 0: exited on signal 11 (core dumped)
Feb 6 03:42:05 <daemon.warn> myhost inetd[181]: /usr/local/sbin/identd[12494]: exit status 0x8b

Using "strings", I found one string, which doesn't seem
to be in the initial binary (unless it's coming from one of the
dynamically linked libraries, but I could not find them with grep. )

inetd_dummy=xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx

Looking in the older logs, I've noticed that there are a few entries
with exactly the same information (except for the date and PID).

Any ideas about the reason of all this ?
Can it be a new buffer overflow ? And, if so, is it exploitable ?

(I am running 3.4-stable as of early January.)

Thanks,

Igor

To Unsubscribe: send mail to majordomoFreeBSD.org
with "unsubscribe freebsd-security" in the body of the message

• Next message: Igor Roshchin: "Re: yet another idea about /etc/security"
• Previous message: Garrett Wollman: "Re: review: simple syslog.conf,newsyslog.conf patch with sample logging"
• Next in thread: Ben Smithurst: "Re: Is there a buffer overflow in pidentd-2.8.5 ?"
• Reply: Ben Smithurst: "Re: Is there a buffer overflow in pidentd-2.8.5 ?"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]