Re: [8lgm]-Advisory-22.UNIX.syslog.2-Aug-1995

Rob J. Nauta (rob@IAEhv.nl)
Tue, 29 Aug 1995 15:03:13 +0200

Messages sorted by: [ date ][ thread ][ subject ][ author ]
Next message: Tim Rylance: "Re: [8lgm]-Advisory-22.UNIX.syslog.2-Aug-1995"
Previous message: Perry E. Metzger: "Patch for 8lgm syslog/sendmail vulnerability, 4.4lite machines"
In reply to: [8LGM] Security Team: "[8lgm]-Advisory-22.UNIX.syslog.2-Aug-1995"
Next in thread: Jay 'Whip' Grizzard: "Re: [8lgm]-Advisory-22.UNIX.syslog.2-Aug-1995"

[8LGM] Security Team dared to write:
>
>                [8lgm]-Advisory-22.UNIX.syslog.2-Aug-1995
>REPEAT BY:
>        We have written an example exploit to overwrite syslog(3)'s
>        internal buffer using SunOS sendmail(8).  However due to the
>        severity of this problem, this code will not be made available
>        to anyone at this time.  Please note that the exploit was fairly
>        straightforward to put together, therefore expect exploits to be
>        widely available soon after the release of this advisory.

If it's so straightforward, let's have it ! I want to check my linux and
my ISP's FreeBSD. Bugtraq is FULL DISCLOSURE !! So, please post source/
scripts now !

Rob
--
 _   _
((___))                 Rob J. Nauta
[ x x ]                 rob@iaehv.nl
 \   /                  040-837549
 (' ')                  Check out http://www.iaehv.nl/iae/people/rob/index.htm
  (U)   Free Mitnick !

Next message: Tim Rylance: "Re: [8lgm]-Advisory-22.UNIX.syslog.2-Aug-1995"
Previous message: Perry E. Metzger: "Patch for 8lgm syslog/sendmail vulnerability, 4.4lite machines"
In reply to: [8LGM] Security Team: "[8lgm]-Advisory-22.UNIX.syslog.2-Aug-1995"
Next in thread: Jay 'Whip' Grizzard: "Re: [8lgm]-Advisory-22.UNIX.syslog.2-Aug-1995"