Family: Mandrake Local Security Checks --> Category: infos
MDKSA-2004:038: sysklogd Vulnerability Scan
Vulnerability Scan Summary
Check for the version of the sysklogd package
Detailed Explanation for this Vulnerability Test
The remote host is missing the patch for the advisory MDKSA-2004:038 (sysklogd).
Steve Grubb discovered a bug in sysklogd where it allocates an insufficient
amount of memory which causes sysklogd to write to unallocated memory. This
could allow for a malicious user to crash sysklogd.
The updated packages provide a patched sysklogd using patches from Openwall to
correct the problem and also corrects the use of an unitialized variable (a
previous use of 'count').
Solution : http://wwwnew.mandriva.com/security/advisories?name=MDKSA-2004:038
Threat Level: High
Click HERE for more information and discussions on this network vulnerability scan.