Cobalt Networks -- Security Advisory -- 11.20.1999 Problem: The syslogd server uses a Unix Domain stream socket (/dev/log) for receiving local log messages via syslog(3). Unix Domain stream sockets are non connection-less, that means, that one process is needed to serve one client. Description: By opening a lot of local syslog connections a user with shell access could stop the system from responding. Problem and description text was taken from: http://www.suse.de/de/support/security/suse_security_announce_31.txt Relevant products and architectures: Product Architecture Vulnerable Qube1 MIPS Yes Qube2 MIPS Yes RaQ1 MIPS Yes RaQ2 MIPS Yes RaQ3 x86 Yes RPMS: -RaQ3- ftp://ftp.cobaltnet.com/pub/experimental/security/i386/sysklogd-1.3.33-9C1.i386.rpm -RaQ1 RaQ2 Qube1 Qube2- ftp://ftp.cobaltnet.com/pub/experimental/security/mips/sysklogd-1.3.33-9C2.mips.rpm SRPMS: ftp://ftp.cobaltnet.com/pub/experimental/security/srpms/sysklogd-1.3.33-9C1.src.rpm ftp://ftp.cobaltnet.com/pub/experimental/security/srpms/sysklogd-1.3.33-9C2.src.rpm MD5 sum Package Name ------------------------------------------------------------- 2b5f2e422a82e84237c184762a16e2f2 sysklogd-1.3.33-9C1.i386.rpm dd4c696ef40cc0b6bf3f2a5b23cd9dcf sysklogd-1.3.33-9C2.mips.rpm You can verify each rpm using the following command: rpm --checksig [package] To install, use the following command, while logged in as root: rpm -U [package] The package file format (pkg) for this fix is currently in testing, and will be available in the near future. Jeff Bilicki Cobalt Networks
This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 15:13:34 PDT