Signature Detail

Short Name	SYSLOG:SYSLOG-CRAFTED-PKT
Severity	Critical
Recommended	No
Recommended Action	Drop
Category	SYSLOG
Keywords	passlogd syslog sniffer
Release Date	2003/04/22
Update Number	1213
Supported Platforms	idp-4.0+, isg-3.0+, j-series-9.5+, mx-9.4+, srx-9.2+, srx-branch-9.4+, vsrx-12.1+

SYSLOG: Crafted passlogd Buffer Overflow Packet

This signature detects attempts to exploit a known vulnerability against passlogd 0.1. The proof-of-concept exploit for the passlogd sniffer creates a malicious packet; attackers can use this exploit and packet to overflow the sniffer daemon and execute malicious code on the server as root.

Extended Description

It has been reported that passlogd does not properly handle some types of input. Because of this, an attacker may be able to gain unauthorized access to hosts running the vulnerable software.

Affected Products

passlogd Project passlogd 0.1.0 a
passlogd Project passlogd 0.1.0 b
passlogd Project passlogd 0.1.0 c
passlogd Project passlogd 0.1.0 d

References

BugTraq: 7261
URL: http://archives.neohapsis.com/archives/bugtraq/2003-04/0021.html
URL: http://online.securityfocus.com/archive/1/317214

Signature Detail

Short Name

Severity

Recommended

Recommended Action

Category

Keywords

Release Date

Update Number

Supported Platforms

SYSLOG: Crafted passlogd Buffer Overflow Packet

Extended Description

Affected Products

References