aru Posted April 28, 2004 Report Share Posted April 28, 2004 MandrakeSoft Security Advisory MDKSA-2004:038 : sysklogd April 28th, 2004 Updated sysklogd packages fix vulnerability Steve Grubb discovered a bug in sysklogd where it allocates an insufficient amount of memory which causes sysklogd to write to unallocated memory. This could allow for a malicious user to crash sysklogd. The updated packages provide a patched sysklogd using patches from Openwall to correct the problem and also corrects the use of an unitialized variable (a previous use of "count"). The released versions of Mandrake GNU/Linux affected are: 9.1 9.2 9.2/AMD64 Multi Network Firewall 8.2 Corporate Server 2.1 10.0 Full information about this advisory, including the updated packages, is available at: www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2004:038 Posted automatically by aru (mdksec2mub v0.0.8) Link to comment Share on other sites More sharing options...
Recommended Posts