> From: Michael Biebl <bi...@debian.org>
> Subject: Re: Bug#644611: CVE-2011-3200: Stack-based buffer overflow in the parseLegacySyslogMsg function
> To: "emeric boit" <emericb...@yahoo.fr>, 644...@bugs.debian.org
> Date: Friday, 7 October 2011, 18:44
>
> On 07.10.2011 12:55, emeric boit wrote:
> > Package: rsyslog
> > Version: 4.6.4-2
> > Severity: grave
> > Tags: security
> >
> > CVE description:
> > Stack-based buffer overflow in the parseLegacySyslogMsg function in
> > tools/syslogd.c in rsyslogd in rsyslog 4.6.x before 4.6.8 and 5.2.0
> > through 5.8.4 might allow remote attackers to cause a denial of service
> > (application exit) via a long TAG in a legacy syslog message.
> >
> > Security Bug Tracker :
> > http://security-tracker.debian.org/tracker/CVE-2011-3200
> > RedHat bug : https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2011-3200
> > Ubuntu Bug : http://www.ubuntu.com/usn/usn-1224-1
> >
> > I've attached the patch based on Ubuntu and RedHat patch.
>
> TTBOMK this only affects rsyslog if it was compiled with SSP, which the version
> in squeeze isn't. Have you information that this is not the case?
> It also only affects rsyslog if you enable remote logging.
>
> That said, Nico Golde asked me to handle that via a stable upload.
>
> Michael
> --
> Why is it that all of the instruments seeking intelligent life in the
> universe are pointed away from Earth?
It's true with no SSP, no fatal problem seems to occur and the tag character is usually just truncated.
But I think even if SSP isn't in Squeeze by default the problem must be corrected.

Emeric.
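The following is an added example, not code from rsyslog or from anyone in this thread: a simplified model of a legacy-syslog TAG copy loop, showing why the loop bound has to reserve room for the trailing `:` and the NUL. All names, the 32-byte capacity and the guard bytes (a stand-in for the region SSP checks) are constructed for illustration, and the resemblance to `parseLegacySyslogMsg` is an assumption.

```c
#include <stddef.h>
#include <string.h>

#define TAG_CAP    32    /* constructed capacity, not rsyslog's real constant */
#define GUARD      2     /* stand-in for the bytes a stack protector checks */
#define GUARD_BYTE 0x5A

struct tagbuf {
    char bytes[TAG_CAP + GUARD];  /* [0, TAG_CAP) is the tag, the rest is guard */
};

/* Copy the TAG of a legacy syslog message into tb, letting the copy loop run
 * up to `bound` bytes. Returns bytes written, including ':' and the NUL. */
size_t parse_tag(const char *msg, size_t len, size_t bound, struct tagbuf *tb)
{
    size_t i = 0;
    if (bound > TAG_CAP)          /* keep the model inside its backing array */
        bound = TAG_CAP;
    memset(tb->bytes, GUARD_BYTE, sizeof tb->bytes);
    while (len > 0 && *msg != ':' && *msg != ' ' && i < bound) {
        tb->bytes[i++] = *msg++;
        --len;
    }
    if (len > 0 && *msg == ':')   /* the delimiter is stored with the tag */
        tb->bytes[i++] = ':';
    tb->bytes[i] = '\0';
    return i + 1;
}

/* 1 if any byte past the logical capacity was overwritten. */
int guard_clobbered(const struct tagbuf *tb)
{
    for (size_t k = TAG_CAP; k < TAG_CAP + GUARD; k++)
        if ((unsigned char)tb->bytes[k] != GUARD_BYTE)
            return 1;
    return 0;
}

/* Constructed input: tag_len 'A' characters followed by ": hi".
 * Returns -1 if the guard was hit, otherwise the number of bytes written. */
int demo(size_t tag_len, size_t bound)
{
    char msg[256];
    struct tagbuf tb;
    if (tag_len > sizeof msg - 4)
        tag_len = sizeof msg - 4;
    memset(msg, 'A', tag_len);
    memcpy(msg + tag_len, ": hi", 4);
    size_t n = parse_tag(msg, tag_len + 4, bound, &tb);
    return guard_clobbered(&tb) ? -1 : (int)n;
}
```

With `bound` set to `TAG_CAP` the terminator lands in the guard bytes; with `TAG_CAP - 2` an over-long tag is silently truncated and the buffer is never exceeded.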