Debian: New syslog-ng packages fix denial of service

    Date15 Jan 2008
    CategoryDebian
    4039
    Posted ByLinuxSecurity Advisories
    Oriol Carreras discovered that syslog-ng, a next generation logging daemon can be tricked into dereferencing a NULL pointer through malformed timestamps, which can lead to denial of service and the disguise of an subsequent attack, which would otherwise be logged.
    - ------------------------------------------------------------------------
    Debian Security Advisory DSA-1464-1                  This email address is being protected from spambots. You need JavaScript enabled to view it.
    http://www.debian.org/security/                       Moritz Muehlenhoff
    January 15, 2008                      http://www.debian.org/security/faq
    - ------------------------------------------------------------------------
    
    Package        : syslog-ng
    Vulnerability  : null pointer dereference
    Problem type   : local
    Debian-specific: no
    CVE Id(s)      : CVE-2007-6437
    
    Oriol Carreras discovered that syslog-ng, a next generation logging
    daemon can be tricked into dereferencing a NULL pointer through
    malformed timestamps, which can lead to denial of service and the
    disguise of an subsequent attack, which would otherwise be logged.
    
    For the unstable distribution (sid), this problem has been fixed in
    version 2.0.6-1.
    
    For the stable distribution (etch), this problem has been fixed in
    version 2.0.0-1etch1.
    
    The old stable distribution (sarge) is not affected.
    
    We recommend that you upgrade your syslog-ng package.
    
    Upgrade instructions
    - --------------------
    
    wget url
            will fetch the file for you
    dpkg -i file.deb
            will install the referenced file.
    
    If you are using the apt-get package manager, use the line for
    sources.list as given below:
    
    apt-get update
            will update the internal database
    apt-get upgrade
            will install corrected packages
    
    You may use an automated update by adding the resources from the
    footer to the proper configuration.
    
    
    Debian 4.0 (stable)
    - -------------------
    
    Stable updates are available for alpha, amd64, arm, hppa, i386, ia64, mips, mipsel, powerpc, s390 and sparc.
    
    Source archives:
    
      http://security.debian.org/pool/updates/main/s/syslog-ng/syslog-ng_2.0.0-1etch1.dsc
        Size/MD5 checksum:      630 0c4d7f9fe291909962a6b5ef92eca5e4
      http://security.debian.org/pool/updates/main/s/syslog-ng/syslog-ng_2.0.0.orig.tar.gz
        Size/MD5 checksum:   346056 6ea55c647dcbd3d58a58b8d90f7ea300
      http://security.debian.org/pool/updates/main/s/syslog-ng/syslog-ng_2.0.0-1etch1.diff.gz
        Size/MD5 checksum:    10487 a1411ff4c12a79a915ba7e27d9ce79ba
    
    alpha architecture (DEC Alpha)
    
      http://security.debian.org/pool/updates/main/s/syslog-ng/syslog-ng_2.0.0-1etch1_alpha.deb
        Size/MD5 checksum:   216072 c1eb157b2bd909ee23c7443b602b5446
    
    amd64 architecture (AMD x86_64 (AMD64))
    
      http://security.debian.org/pool/updates/main/s/syslog-ng/syslog-ng_2.0.0-1etch1_amd64.deb
        Size/MD5 checksum:   199956 393ba6fe859eb97fea6bbe95fdafc54f
    
    arm architecture (ARM)
    
      http://security.debian.org/pool/updates/main/s/syslog-ng/syslog-ng_2.0.0-1etch1_arm.deb
        Size/MD5 checksum:   182992 5566905c2821adc329617626eae19b5c
    
    hppa architecture (HP PA RISC)
    
      http://security.debian.org/pool/updates/main/s/syslog-ng/syslog-ng_2.0.0-1etch1_hppa.deb
        Size/MD5 checksum:   204112 c3d2f3d7f4878330f70cd7842c8e6bc1
    
    i386 architecture (Intel ia32)
    
      http://security.debian.org/pool/updates/main/s/syslog-ng/syslog-ng_2.0.0-1etch1_i386.deb
        Size/MD5 checksum:   177118 cfe45722a293c23a72b6791f1ac30549
    
    ia64 architecture (Intel ia64)
    
      http://security.debian.org/pool/updates/main/s/syslog-ng/syslog-ng_2.0.0-1etch1_ia64.deb
        Size/MD5 checksum:   271682 fbd2a41a0d894a261ac44d5d6ed28208
    
    mips architecture (MIPS (Big Endian))
    
      http://security.debian.org/pool/updates/main/s/syslog-ng/syslog-ng_2.0.0-1etch1_mips.deb
        Size/MD5 checksum:   203130 92d7ec89d158491a80629f8a75a3f8cb
    
    mipsel architecture (MIPS (Little Endian))
    
      http://security.debian.org/pool/updates/main/s/syslog-ng/syslog-ng_2.0.0-1etch1_mipsel.deb
        Size/MD5 checksum:   203422 56cfd580b06ee59a92121cd8a17c52f3
    
    powerpc architecture (PowerPC)
    
      http://security.debian.org/pool/updates/main/s/syslog-ng/syslog-ng_2.0.0-1etch1_powerpc.deb
        Size/MD5 checksum:   189374 01053f541ef4eb99dcfe7023e4f0e7fb
    
    s390 architecture (IBM S/390)
    
      http://security.debian.org/pool/updates/main/s/syslog-ng/syslog-ng_2.0.0-1etch1_s390.deb
        Size/MD5 checksum:   201736 9921207160c7d67b7f0cf5b8571054c7
    
    sparc architecture (Sun SPARC/UltraSPARC)
    
      http://security.debian.org/pool/updates/main/s/syslog-ng/syslog-ng_2.0.0-1etch1_sparc.deb
        Size/MD5 checksum:   176494 327ce3c41678d0a54f4d37e97ef9d411
    
    
      These files will probably be moved into the stable distribution on
      its next update.
    
    - ---------------------------------------------------------------------------------
    For apt-get: deb http://security.debian.org/ stable/updates main
    For dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main
    Mailing list: This email address is being protected from spambots. You need JavaScript enabled to view it.
    
    You are not authorised to post comments.

    Comments powered by CComment

    LinuxSecurity Poll

    What do you think of the articles on LinuxSecurity?

    No answer selected. Please try again.
    Please select either existing option or enter your own, however not both.
    Please select minimum 0 answer(s) and maximum 3 answer(s).
    /main-polls/24-what-do-you-think-of-the-quality-of-the-articles-on-linuxsecurity?task=poll.vote&format=json
    24
    radio
    [{"id":"87","title":"Excellent, don't change a thing!","votes":"40","type":"x","order":"1","pct":48.78,"resources":[]},{"id":"88","title":"Should be more technical","votes":"13","type":"x","order":"2","pct":15.85,"resources":[]},{"id":"89","title":"Should include more HOWTOs","votes":"29","type":"x","order":"3","pct":35.37,"resources":[]}]["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"]["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"]350
    bottom200

    We use cookies to provide and improve our services. By using our site, you consent to our Cookie Policy.