Re: [Cooker] security alert in syslkogd

Wed, 20 Sep 2000 07:47:20 -0700 


I received the security alert day before yesterday from Linux Mandrake 
Security Team :-) 
This is what it says

<snip>

Linux-Mandrake Security Update Advisory
________________________________________________________________________

Package name: sysklogd
Date: September 18th, 2000
Advisory ID: MDKSA-2000:050

Affected versions: 6.0, 6.1, 7.0, 7.1
________________________________________________________________________

Problem Description:

A problem exists with the kernel logging daemon (klogd) in the sysklogd
package. A "format bug" makes klogd vulnerable to local root 
compromise, as well as the possibility for remote vulnerabilities under
certain circumstances, which are unprobable. There is also a more
probable semi-remote exploit via knfsd. This update provides a patched
version of klogd that fixes these vulnerabilities.
________________________________________________________________________

Please verify these md5 checksums of the updates prior to upgrading to
ensure the integrity of the downloaded package. You can do this by
running the md5sum program on the downloaded package by using
"md5sum package.rpm".

Linux-Mandrake 6.0:
f025156af9b4b9a296e5cee1cacae36f 6.0/RPMS/sysklogd-1.3.31-14mdk.i586.rpm
50792c33d6d1817b71d734711d6dcd4b 6.0/SRPMS/sysklogd-1.3.31-14mdk.src.rpm

Linux-Mandrake 6.1:
bc44efb4d6721cce0feb87535be14cd5 6.1/RPMS/sysklogd-1.3.31-14mdk.i586.rpm
50792c33d6d1817b71d734711d6dcd4b 6.1/SRPMS/sysklogd-1.3.31-14mdk.src.rpm

Linux-Mandrake 7.0:
4fb519ce5be0516113908140a26ad390 7.0/RPMS/sysklogd-1.3.31-15mdk.i586.rpm
36805570b5f2d7ae792573d45050332a 7.0/SRPMS/sysklogd-1.3.31-15mdk.src.rpm

Linux-Mandrake 7.1:
3d9416b240c87e58338d58361e5b289e 7.1/RPMS/sysklogd-1.3.31-15mdk.i586.rpm
36805570b5f2d7ae792573d45050332a 7.1/SRPMS/sysklogd-1.3.31-15mdk.src.rpm

<snip>

I think this is what you are asking about?

Patti
Registered Linux User #184611

>>>>>>>>>>>>>>>>>> Original Message <<<<<<<<<<<<<<<<<<

On 9/20/00, 7:14:03 AM, Guillaume Rousse <[EMAIL PROTECTED]> 
wrote regarding [Cooker] security alert in syslkogd:


> There has been a security alert for Debian about syslogkd, but i
> couldn't find the details. Is Mandrake also concerned ?
> http://www.somelist.com/mail.php/132/view/714575
> --
> Guillaume Rousse
> Iremia - Universit� de la R�union

> Plus petites unit�s de mesure
> - de longueur : le millim�tre
> - de volume : le millilitre
> - d'intelligence : le militaire

Reply via email to