Ulogd Unspecified Buffer Overflow Vulnerability
BID:22139
Info
Ulogd Unspecified Buffer Overflow Vulnerability
| Bugtraq ID: | 22139 |
| Class: | Boundary Condition Error |
| CVE: |
CVE-2007-0460 |
| Remote: | No |
| Local: | Yes |
| Published: | Jan 19 2007 12:00AM |
| Updated: | Mar 19 2007 06:04PM |
| Credit: | This issue was disclosed in the referenced SUSE advisory. |
| Vulnerable: |
S.u.S.E. openSUSE 10.2 S.u.S.E. Linux Professional 10.0 OSS S.u.S.E. Linux Professional 10.0 S.u.S.E. Linux Professional 9.3 x86_64 S.u.S.E. Linux Professional 9.3 S.u.S.E. Linux Personal 10.0 OSS S.u.S.E. Linux Personal 9.3 x86_64 S.u.S.E. Linux Personal 9.3 S.u.S.E. Linux Personal 10.1 MandrakeSoft Corporate Server 4.0 x86_64 MandrakeSoft Corporate Server 4.0 GNU Ulogd 1.23 Gentoo Linux |
| Not Vulnerable: | |
Discussion
Ulogd Unspecified Buffer Overflow Vulnerability
Ulogd is prone to a buffer-overflow vulnerability because it fails to properly bounds-check user-supplied data before copying it into an insufficiently sized memory buffer.
Exploiting this issue allows attackers to execute arbitrary machine code in the context of the affected daemon. Failed attempts will likely result in denial-of-service conditions.
Ulogd is prone to a buffer-overflow vulnerability because it fails to properly bounds-check user-supplied data before copying it into an insufficiently sized memory buffer.
Exploiting this issue allows attackers to execute arbitrary machine code in the context of the affected daemon. Failed attempts will likely result in denial-of-service conditions.
Exploit / POC
Ulogd Unspecified Buffer Overflow Vulnerability
Currently we are not aware of any exploits for this issue. If you feel we are in error or if you are aware of more recent information, please mail us at: mailto:[email protected].
Currently we are not aware of any exploits for this issue. If you feel we are in error or if you are aware of more recent information, please mail us at: mailto:[email protected].
Solution / Fix
Ulogd Unspecified Buffer Overflow Vulnerability
Solution:
Please see the referenced advisories for more information.
GNU Ulogd 1.23
Solution:
Please see the referenced advisories for more information.
GNU Ulogd 1.23
-
Mandriva ulogd-1.23-2.1.20060mlcs4.i586.rpm
Corporate 4.0:
http://www.mandriva.com/en/download -
Mandriva ulogd-1.23-2.1.20060mlcs4.src.rpm
Corporate 4.0:
http://www.mandriva.com/en/download -
Mandriva ulogd-1.23-2.1.20060mlcs4.x86_64.rpm
Corporate 4.0:
http://www.mandriva.com/en/download -
Mandriva ulogd-mysql-1.23-2.1.20060mlcs4.i586.rpm
Corporate 4.0:
http://www.mandriva.com/en/download -
Mandriva ulogd-mysql-1.23-2.1.20060mlcs4.x86_64.rpm
Corporate 4.0:
http://www.mandriva.com/en/download -
Mandriva ulogd-pcap-1.23-2.1.20060mlcs4.i586.rpm
Corporate 4.0:
http://www.mandriva.com/en/download -
Mandriva ulogd-pcap-1.23-2.1.20060mlcs4.x86_64.rpm
Corporate 4.0:
http://www.mandriva.com/en/download -
Mandriva ulogd-pgsql-1.23-2.1.20060mlcs4.i586.rpm
Corporate 4.0:
http://www.mandriva.com/en/download -
Mandriva ulogd-pgsql-1.23-2.1.20060mlcs4.x86_64.rpm
Corporate 4.0:
http://www.mandriva.com/en/download -
Mandriva ulogd-sqlite-1.23-2.1.20060mlcs4.i586.rpm
Corporate 4.0:
http://www.mandriva.com/en/download -
Mandriva ulogd-sqlite-1.23-2.1.20060mlcs4.x86_64.rpm
Corporate 4.0:
http://www.mandriva.com/en/download
References
Ulogd Unspecified Buffer Overflow Vulnerability
References:
References:
- gnumonks project homepage (gnumonks.org)