Demo Discussion
Forum Config Examples Contributions Vulnerabilities
  Discussion forum about ELOG  Not logged in ELOG logo
 Back  |  Find  |  Login  |  Help 
icon4.gif   Elog 2.9.0 buffer overflow crash bug ubuntu linux, posted by John Rouillard on Sun Apr 10 01:49:01 2011 
    icon2.gif   Re: Elog 2.9.0 buffer overflow crash bug ubuntu linux, posted by Stefan Ritt on Fri Apr 15 08:49:26 2011 
Message ID: 67044     Entry time: Sun Apr 10 01:49:01 2011     Reply to this: 67049
Icon: Warning  Author: John Rouillard  Author Email: rouilj+elog@cs.umb.edu 
Category: Bug report  OS: Linux  ELOG Version: 2.9.0 
Subject: Elog 2.9.0 buffer overflow crash bug ubuntu linux  
When running openvas (a nessus fork) against elog 2.9.0 I provoked the following crash:

Apr  9 17:32:06 unixland elogd[1300]: POST / HTTP/1.0#015#012Host: unixland.home
#015#012Content-Length: -800#015#012#015#012XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX

Apr  9 17:32:06 unixland kernel: [664894.491242] elogd[1300]: segfault at b7713d
2e ip 080b6956 sp bf8d5ea0 error 4 in elogd[8048000+96000]

openvas reports that it was testing for CVE-2002-1212 when the crash occurred.

Startup info:

Apr  9 19:35:54 unixland elogd[21584]: elogd 2.9.0 built Apr  9 2011, 17:49:08 
Apr  9 19:35:54 unixland elogd[21584]: revision 2411

-- rouilj
ELOG V3.1.5-3fb85fa6