Mandrake Linux Security Advisory : sysklogd (MDKSA-2004:038)
High Nessus Plugin ID 14137
SynopsisThe remote Mandrake Linux host is missing a security update.
DescriptionSteve Grubb discovered a bug in sysklogd where it allocates an insufficient amount of memory which causes sysklogd to write to unallocated memory. This could allow for a malicious user to crash sysklogd.
The updated packages provide a patched sysklogd using patches from Openwall to correct the problem and also corrects the use of an unitialized variable (a previous use of 'count').
SolutionUpdate the affected sysklogd package.