MandrivaUsers.org > Security Advisory (MDKSA-2004:038): sysklogd

Full Version: Security Advisory (MDKSA-2004:038): sysklogd

MandrivaUsers.org > Announcements > Mandriva Security Advisories

aru

Apr 28 2004, 10:12 PM

MandrakeSoft Security Advisory MDKSA-2004:038 : sysklogd

April 28th, 2004
Updated sysklogd packages fix vulnerability

Steve Grubb discovered a bug in sysklogd where it allocates an insufficient amount of memory which causes sysklogd to write to unallocated memory. This could allow for a malicious user to crash sysklogd.

The updated packages provide a patched sysklogd using patches from Openwall to correct the problem and also corrects the use of an unitialized variable (a previous use of "count").

The released versions of Mandrake GNU/Linux affected are:

9.1
9.2
9.2/AMD64
Multi Network Firewall 8.2
Corporate Server 2.1
10.0

Full information about this advisory, including the updated packages, is available at:
www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2004:038

Posted automatically by aru (mdksec2mub v0.0.8)

This is a "lo-fi" version of our main content. To view the full version with more information, formatting and images, please click here.