> De: Michael Biebl
> Objet: Re: Bug#644611: CVE-2011-3200: Stack-based buffer overflow in the
> parseLegacySyslogMsg function
> À: "emeric boit" , 644...@bugs.debian.org
> Date: Vendredi 7 octobre 2011, 18h44
> Am 07.10.2011 12:55, schrieb emeric
> boit:
> > Package: rsyslog
> > Version: 4.6.4-2
> > Severity: grave
> > Tags: security
> >
> > CVE description:
> > Stack-based buffer overflow in the
> parseLegacySyslogMsg function in
> > tools/syslogd.c in rsyslogd in rsyslog 4.6.x before
> 4.6.8 and 5.2.0
> > through 5.8.4 might allow remote attackers to cause a
> denial of service
> > (application exit) via a long TAG in a legacy syslog
> message.
> >
> > Security Bug Tracker :
> > http://security-tracker.debian.org/tracker/CVE-2011-3200
> > RedHat bug : https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2011-3200
> > Ubuntu Bug : http://www.ubuntu.com/usn/usn-1224-1
> >
> > I've attached the patch based on Ubuntu and RedHat
> patch.
>
> TTBOMK this only affects rsyslog if it was compiled with
> SSP, which the version
> in squeeze isn't. Have you information that this is not the
> case?
> It also only affects rsyslog if you enable remote logging.
>
> That said, Nico Golde asked me, to handle that via a stable
> upload.
>
> Michael
> --
> Why is it that all of the instruments seeking intelligent
> life in the
> universe are pointed away from Earth?
>
It's true with no SSP, no fatal problem seems to occur and the tag character is
usually just truncated. But I think even if SSP isn't in Squeeze by default the
problem must be corrected.
Emeric.
--
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
