Sysklogd Memory Allocation Flaw May Let Remote Users Crash the Daemon
|
|
SecurityTracker Alert ID: 1009976
|
|
CVE Reference: GENERIC-MAP-NOMATCH
(Links to External Site)
|
Date: Apr 29 2004
|
Impact: Denial of service via network
|
Version(s): 1.4.1, 1.4.1-14
|
Description: A vulnerability was reported in sysklogd. A remote user may be able to cause the daemon to crash.
Steve Grubb reported that sysklogd does not allocate enough memory to store all its pointers in the crunch list. A remote user may be able to cause the daemon to write to unallocated memory and crash.
|
Impact: A remote user may be able to cause sysklogd to crash.
|
Solution: No upstream solution was available at the time of this entry.
|
Vendor URL: www.infodrom.org/projects/sysklogd/ (Links to External Site)
|
Cause: Boundary error, State error
|
Underlying OS: Linux (Any), UNIX (Any)
|
|
Message History:
This archive entry has one or more follow-up message(s) listed below.
|
Source Message Contents
|
Date: Wed, 28 Apr 2004 22:01:07 -0400
Subject: http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=120453
|
http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=120453
Steve Grubb reported that syslogd does not allocate enough memory to store all its
pointers in the crunch list.
sysklogd-1.4.1-14 is affected.
|
|
