English | Deutsch | Español | Português
 UserID:
 Passwd:
new user
 About:   Dedicated  | Advanced  | Standard  | Recurring  | No Risk  | Desktop  | Basic  | Single  | Security Seal  | FAQ
  Price/Feature Summary  | Order  | New Vulnerabilities  | Confidentiality  | Vulnerability Search
 Vulnerability   
Search   
    Search 143769 CVE descriptions
and 71225 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

-----BEGIN PGP SIGNED MESSAGE-----

=============================================================================
FreeBSD-SA-96:08     Security Advisory
FreeBSD, Inc.

Topic: syslog vulnerability

Category: core
Module: libc
Announced: 1996-04-21
Affects: FreeBSD 2.0 and 2.0.5
Corrected: 1995-10-15 2.2-current and 2.1.0-release sources
Source: Generic BSD bug
FreeBSD only: no

Reference: CERT CA-95:13.syslog.vul

Patches: ftp://freebsd.org/pub/CERT/patches/SA-96:08/

=============================================================================

I.   Background    

     A problem was found in the syslog(3) library call that affects
     FreeBSD 2.0 and FreeBSD 2.0.5 releases.  This problem was
     fixed prior to the release of FreeBSD 2.1.

     The FreeBSD project is not aware of active exploits of this
     vulnerability.

     All FreeBSD users are encouraged to upgrade to a version of
     FreeBSD with this vulnerability fixed.


II.  Problem Description

     Bounds checking for syslog error messages was not being
     performed properly.


III. Impact

     The problem could be exploited to gain unauthorized access to
     a system running sendmail.


IV. Solution(s)

     Update operating system sources and binaries to FreeBSD 2.1 or
     a later release or apply the patches available at the URL
     listed at the top of this bulletin and re-install the C library.

=============================================================================
FreeBSD, Inc.

Web Site: http://www.freebsd.org/
Confidential contacts: security-officer@freebsd.org
PGP Key: ftp://freebsd.org/pub/CERT/public_key.asc
Security notifications: security-notifications@freebsd.org
Security public discussion: security@freebsd.org

Notice: Any patches in this document may not apply cleanly due to
        modifications caused by digital signature or mailer software.
        Please reference the URL listed at the top of this document
        for original copies of all patches if necessary.
=============================================================================

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBMaLAkFUuHi5z0oilAQFxEwP/aKhjlldITj2TRdejyyVTyrbLLc8EG3Ws
e8VLwYYfaciMGf9jihZop2MxdVB/wlIR+iy2i04ULV5TUar3aiq0fmRsIxspT4vt
/HcjtrsYX52rzAqkibTTMLRPn3vU9LES1gBZZDPteA4vk43Yo+brJk/bTuxloQTY
PGw0ifIAHHM=
=KBgt
-----END PGP SIGNATURE-----

New User Registration
Email:
UserID:
Passwd:
Please email me your monthly newsletters, informing the latest services, improvements & surveys.
Please email me a vulnerability test announcement whenever a new test is added.
   Privacy
Registered User Login
 
UserID:   
Passwd:  

 Forgot userid or passwd?
Email/Userid:




Home | About Us | Contact Us | Partner Programs | Developer APIs | Privacy | Mailing Lists | Abuse
Security Audits | Managed DNS | Network Monitoring | Site Analyzer | Internet Research Reports
Web Probe

© 1998-2019 E-Soft Inc. All rights reserved.