---

Home Security

Caldera Security Advisory: DoS with sysklogd, glibc

By

Date: Mon, 22 Nov 1999 09:08:08 -0800
From: Alfred Huger <<a
href=”mailto:ah@SECURITYFOCUS.COM”>ah@SECURITYFOCUS.COM>
Subject: DoS with sysklogd, glibc (Caldera)

Caldera Systems, Inc. Security Advisory

Subject: DoS with sysklogd, glibc
Advisory number: CSSA-1999-035.0
Issue date: 1999 November, 17 Cross reference:

1. Problem Description

On Linux, most services do not log informational or error
messages to their own files, but use the system log daemon,
syslogd, for this.

Unfortunately, the current syslogd has a problem by which any
user on the local host can mount a denial of service attack that
effectively stops all logging. Since all programs that want to send
logging information to syslogd block until they’re able to
establish a connection to syslogd, this will make programs such as
login, su, sendmail, telnetd, etc hang indefinitely.

2. Vulnerable Versions

Systems : previous to COL 2.3
Packages: previous to sysklogd-1.3.31-4

3. Solutions

Workaround: none

The proper solution is to upgrade to the latest packages

rpm -U sysklogd-1.3.31-4.i386.rpm

** Make sure to reboot the machine after installing the fixed
RPM. **

4. Location of Fixed Packages

The upgrade packages can be found on Caldera’s FTP site at:

ftp://ftp.calderasystems.com/pub/OpenLinux/updates/2.3/current/RPMS/

The corresponding source code package can be found at:

ftp://ftp.calderaystems.com/pub/OpenLinux/updates/2.3/current/SRPMS

5. Installing Fixed Packages

Upgrade the affected packages with the following commands:

rpm -U sysklogd-1.3.31-4.i386.rpm

6. Verification

a3a5aba891db83dbb0e31b01879011ac
RPMS/sysklogd-1.3.31-4.i386.rpm
2bdf1431d3a487ee15e2323d61da2366
SRPMS/sysklogd-1.3.31-4.src.rpm

7. References

This and other Caldera security resources are located at:
http://www.calderasystems.com/support/security/index.html

This security fix closes Caldera’s internal Problem Report
5074

Caldera wishes to thank Alex Kuznetisov, Alan Cox, and Bill
Nottingham (the latter two of RedHat, Inc.) for their
cooperation.

8. Disclaimer
Caldera Systems, Inc. is not responsible for the misuse of any of
the information we provide on this website and/or through our
security advisories. Our advisories are a service to our customers
intended to promote secure installation and use of Caldera
OpenLinux.

Get the Free Newsletter!

Subscribe to Developer Insider for top news, trends, & analysis

Must Read

LinuxToday is a trusted, contributor-driven news resource supporting all types of Linux users. Our thriving international community engages with us through social media and frequent content contributions aimed at solving problems ranging from personal computing to enterprise-level IT operations. LinuxToday serves as a home for a community that struggles to find comparable information elsewhere on the web.

Our Brands

Advertiser Disclosure: Some of the products that appear on this site are from companies from which TechnologyAdvice receives compensation. This compensation may impact how and where products appear on this site including, for example, the order in which they appear. TechnologyAdvice does not include all companies or all types of products available in the marketplace.