Kernel logging daemon (klogd) in Linux does not properly cleanse user-injected format strings, which allows local users to gain root privileges by triggering malformed kernel messages.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Secure_linux | Trustix | 1.1 | 1.1 |
Mandrake_linux | Mandrakesoft | 7.0 | 7.0 |
Linux | Redhat | 6.2 | 6.2 |
Mandrake_linux | Mandrakesoft | 7.1 | 7.1 |
Debian_linux | Debian | 2.1 | 2.1 |
Linux | Redhat | 5.2 | 5.2 |
Mandrake_linux | Mandrakesoft | 6.0 | 6.0 |
Slackware_linux | Slackware | * | * |
Mandrake_linux | Mandrakesoft | 6.1 | 6.1 |
Debian_linux | Debian | 2.2 | 2.2 |