1636 matches found
DoS against syslog-ng
A certain combination of characters causes the service to crash...
DoS possibility in syslog-ng
BalaBit security advisory Advisory ID: BB-2000/01 Package: syslog-ng Versions affected: versions prior to and including 1.4.8 Problem type: remote DoS attack Date: 2000-11-22 1 Background syslog-ng is a portable syslog implementation. Its highlights include regexp based log selection, TCP transpo...
CVE-2000-0583
CVE-2000-0583 affects the vpopmail package: the vchkpw program (versions prior to 4.8) fails to properly cleanse an untrusted format string in a syslog call, enabling remote users to trigger a denial of service by sending a USER or PASS command containing formatting directives. The remediation is...
Format strings: bug #2: LPRng
Hi, SUMMARY ------- LPRng is almost certainly vulnerable to remote-root compromise on account of a format string bug. The flaw is almost identical to the rpc.statd one I found; namely a faulty syslog wrapper. This is becoming a very common flaw. Details ------- Here is a code excerpt from:...
Format strings: bug #1: BSD-lpr
Hi, INTRO ----- Welcome to a short series of security bugs, all involving mistakes with "user supplied format strings". This class of bug is very popular on Bugtraq at the moment, so what an ideal time for a few examples. BSD-lpr ------- If we look into lpr/lpd/printjob.c, we can find the followi...
irix.telnetd.txt
We've found a very severe vulnerability in the IRIX telnetd service that upon successful exploitation can give remote root access to any IRIX 6.2-6.5.8m,f system. The bug discussed here appeared in IRIX 5.2-6.1 systems and was the result of SGI efforts to patch a security vulnerability reported b...
Conectiva 4.x/5.x / Debian 2.x / RedHat 6.x / S.u.S.E 6.x/7.0 / Trustix 1.x - rpc.statd Remote Format String (2)
// source: https://www.securityfocus.com/bid/1480/info A vulnerability exists in the 'rpc.statd' program, which is part of the 'nfs-utils' package that is shipped with a number of popular Linux distributions. Because of a format-string vulnerability when calling the 'syslog' function, a remote...
CVE-2000-0583
vchkpw program in vpopmail before version 4.8 does not properly cleanse an untrusted format string used in a call to syslog, which allows remote attackers to cause a denial of service via a USER or PASS command that contains arbitrary formatting directives...
PT-2000-1517 · Vpopmail · Vpopmail
Name of the Vulnerable Software and Affected Versions: vpopmail versions prior to 4.8 Description: The issue is related to the vchkpw program in vpopmail, which does not properly cleanse an untrusted format string used in a call to syslog. This allows remote attackers to cause a denial of service...
fcheck.txt
The short explanation: fcheck is a file integrity checker written in perl. It can send warnings to syslog via an external program such as logger1. Because it calls system with a scalar argument, a malicious user can cause it to execute programs by creating files with shell metacharacters in their...
CVE-1999-0171
The CVE-1999-0171 issue is described in multiple connected sources as a denial-of-service in syslogd (notably on IRIX). SGI’s advisory attributes a buffer overrun in the syslogd binary that can crash the service, potentially enabling remote exploitation and DoS. The advisory states this vulnerabi...
CVE-1999-0381
super 3.11.6 and other versions have a buffer overflow in the syslog utility which allows a local user to gain root access...
CVE-1999-0171
Denial of service in syslog by sending it a large number of superfluous messages...
CVE-1999-0566
Affected software: SGI IRIX syslogd (remote logging daemon). Root cause / vulnerability type: remote buffer overflow in syslogd that can be triggered to crash or potentially execute code. Impact: denial of service (crash) and possible arbitrary code execution with syslogd privileges. Exploitation...
CVE-1999-0566
An attacker can write to syslog files from any location, causing a denial of service by filling up the logs, and hiding activities...
CVE-1999-0099
CVE-1999-0099 is a vulnerability in the syslog utility described as a buffer overflow that can allow local or remote attackers to gain root privileges. The connected sources (NVD, Red Hat CVE page, CVE list, EUVD/PTSecurity notes) corroborate the issue but do not consistently provide concrete det...
CVE-1999-0063
Cisco IOS 12.0 and other versions can be crashed by malicious UDP packets to the syslog port...
CVE-1999-0099
Buffer overflow in syslog utility allows local or remote attackers to gain root privileges...
EUVD-1999-0063
Cisco IOS 12.0 and other versions can be crashed by malicious UDP packets to the syslog port...
putsyslog.txt
http://www.rootshell.com/ From [email protected] Wed Jul 8 10:18:27 1998 Date: Wed, 8 Jul 1998 19:08:41 +0200 From: Paul Boehm To: [email protected] Subject: putsyslog hi, users can write messages to syslog and thus hide files in there and bypass quotas.. later they can extract it if they ha...