Debian Security Advisory
sysklogd -- root exploit
- Date Reported:
- 19 Sep 2000
- Affected Packages:
- sysklogd
- Vulnerable:
- Yes
- Security database references:
- In Mitre's CVE dictionary: CVE-2000-0867.
- More information:
- Multiple vulnerabilities have been reported in syslogd
and klogd. A local root exploit is possible, and remote exploits may be
possible in some cases (though we are not currently aware of a remote exploit.)
Fixed packages are available in version 1.3-31.slink1 for Debian 2.1 (slink) and version 1.3-33.1 for Debian 2.2 (potato). We recommend upgrading your sysklogd package immediately.
- Fixed in:
-
Debian 2.1 (slink)
- Source:
-
http://security.debian.org/dists/slink/updates/source/sysklogd_1.3.orig.tar.gz
-
http://security.debian.org/dists/slink/updates/source/sysklogd_1.3-31.slink1.diff.gz
-
http://security.debian.org/dists/slink/updates/source/sysklogd_1.3-31.slink1.dsc
- i386:
-
http://security.debian.org/dists/slink/updates/binary-i386/sysklogd_1.3-31.slink1_i386.deb
Debian 2.2 (potato)
- Source:
-
http://security.debian.org/dists/potato/updates/main/source/sysklogd_1.3-33.1.diff.gz
http://security.debian.org/dists/potato/updates/main/source/sysklogd_1.3-33.1.dsc
http://security.debian.org/dists/potato/updates/main/source/sysklogd_1.3.orig.tar.gz
- alpha:
-
http://security.debian.org/dists/potato/updates/main/binary-alpha/sysklogd_1.3-33.1_alpha.deb
- arm:
-
http://security.debian.org/dists/potato/updates/main/binary-arm/sysklogd_1.3-33.1_arm.deb
- i386:
-
http://security.debian.org/dists/potato/updates/main/binary-i386/sysklogd_1.3-33.1_i386.deb
- sparc:
-
http://security.debian.org/dists/potato/updates/main/binary-sparc/sysklogd_1.3-33.1_sparc.deb