log2mail printlog() Message Logging Format String

2004-06-07T06:26:55
ID OSVDB:6711
Type osvdb
Reporter Jaguar (jaguar@felinemenace.org )
Modified 2004-06-07T06:26:55

Description

Vulnerability Description

log2mail contains a flaw that may allow a malicious user to execute arbitrary code on the system. This issue is due to a format string error in the "printlog()" function. By logging a crafted message via the syslog function, a local attacker can execute arbitrary code with the privilege of the log2mail process, which is typically a member of group 'adm', resulting in a loss of integrity.

Solution Description

Currently, there are no known workarounds or upgrades to correct this issue. However, Debian has released a patch to address this vulnerability.

Short Description

log2mail contains a flaw that may allow a malicious user to execute arbitrary code on the system. This issue is due to a format string error in the "printlog()" function. By logging a crafted message via the syslog function, a local attacker can execute arbitrary code with the privilege of the log2mail process, which is typically a member of group 'adm', resulting in a loss of integrity.

References:

Vendor URL: http://people.debian.org/~enrico/log2mail/ Vendor Specific Advisory URL Secunia Advisory ID:11769 Secunia Advisory ID:11768 ISS X-Force ID: 16311 CVE-2004-0450 Bugtraq ID: 10460