Info

Disclosure

Sep 17, 2000

Discovery

Sep 17, 2000

Dates

Exploit

Sep 17, 2000

Solution

Unknown

Description

Linux kernel klogd contains a flaw that may allow a malicious user to gain access to unauthorized privileges. The issue is triggered when a malicious user passes a buffer containing '%' characters between pairs of '[<' and '>]' delimiters directly to the syslog() function, causing klogd to crash with a segmentation fault. This flaw may lead to a loss of Integrity.

Classification

Location: Local Access Required, Remote/Network Access Required
Attack Type: Input Manipulation
Impact: Loss of Integrity
Exploit: Exploit Available
Disclosure: OSVDB Verified

Solution

Currently, there are no known workarounds or upgrades to correct this issue. However, most linux vendors have released a patch to address this vulnerability.

Products

All Vendors

Linux Kernel klogd

2.0.36

References

Bugtraq ID: 1694
RedHat RHSA: RHSA-2000:061-02
Generic Exploit URL: http://www.packetstormsecurity.org/0009-exploits/klogd.exploit.txt
ISS X-Force ID: 5259
Mail List Post: http://archives.neohapsis.com/archives/bugtraq/2000-09/0193.html
CVE ID: 2000-0867 (see also: NVD)
Vendor Specific Solution URL: ftp://ftp.sco.com/pub/security/OpenLinux/CSSA-2000-032.0.txt http://cert.uni-stuttgart.de/archive/bugtraq/2000/12/msg00313.html
http://www.debian.org/security/2000/20000919
http://www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2000:050
http://www.packetstormsecurity.org/advisories/suse/suse.syslogd.txt
http://www.slackware.com/security/viewer.php?l=slackware-security&y=2000&m=slackw ......

Credit

Jouko Pynnonen - joukoiki.fi - Personal Page

Direct URL: http://osvdb.org/36218