Hacker Newsnew | past | comments | ask | show | jobs light | darkhn

No more than before this; openbsd is not vulnerable to this exploit due to a different syslog() implementation.

Worth being explicit here. The OpenBSD syslog is not just 'different' enough that it was luckily uneffected. It was intentionally designed to avoid this situation more than 20 years ago.


Also there's no publicly known exploit for this one yet even for Linux. The advisory says Qualys put exploit development on hold to coordinate the fix.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact |

Search: