log2mail Update for Debian
Posted on: 11/04/2002 11:04 PM

An updated version of log2mail has been released

Enrico Zini discovered a buffer overflow in log2mail, a daemon for watching logfiles and sending lines with matching patterns via mail. The log2mail daemon is started upon system boot and runs as root. A specially crafted (remote) log message could overflow a static buffer, potentially leaving log2mail to execute arbitrary code as root.


Read more


Printed from Linux Compatible (http://www.linuxcompatible.org/news/story/log2mail_update_for_debian.html)