Re: [8lgm]-Advisory-22.UNIX.syslog.2-Aug-1995

Karl Strickland (karl@bagpuss.demon.co.uk)
Mon, 18 Sep 1995 19:41:07 +0100

Messages sorted by: [ date ][ thread ][ subject ][ author ]
Next message: Ian MacPhedran: "Re: [8lgm]-Advisory-22.UNIX.syslog.2-Aug-1995"
Previous message: Goetz von Escher: "Re: [8lgm]-Advisory-22.UNIX.syslog.2-Aug-1995"
In reply to: Goetz von Escher: "Re: [8lgm]-Advisory-22.UNIX.syslog.2-Aug-1995"

>
> I just called local Sun support. They don't know anything about this
> hole and they don't accept the 8lgm advisory as problem report as we
> cannot prove that the bug exists on *our* SunOS host. Outch! I cannot
> believe that nobody else has opened a service call or bug fix request
> (or whatever Sun calls this) at Sun Microsystems. They referred me to
> patch 100909-03 which fixed a hole in syslogd for SunOS 4.1.3...
>
> My questions are:
>
> -  Is there an official patch from Sun and what's the patch-ID?

not as far as i know

> -  Has anybody talked to Sun about this problem?

yes

> -  Is Sun working on a patch?

yes.

Mark Graff is the man you want to speak to - graff@eng.sun.com.  He's
in charge of sorting the patches out.  Mark's told us (8LGM) that Sun have
produced exploitation code for this, and are working on a fix.

I dont know the status of it, perhaps Mark will reply as I know he
watches this list.

--
------------------------------------------+-----------------------------------
Mailed using ELM on FreeBSD               |                    Karl Strickland
PGP 2.3a Public Key Available.            | Internet: karl@bagpuss.demon.co.uk
                                          |

Next message: Ian MacPhedran: "Re: [8lgm]-Advisory-22.UNIX.syslog.2-Aug-1995"
Previous message: Goetz von Escher: "Re: [8lgm]-Advisory-22.UNIX.syslog.2-Aug-1995"
In reply to: Goetz von Escher: "Re: [8lgm]-Advisory-22.UNIX.syslog.2-Aug-1995"