J-Security Center

Latest Attack Object Updates
  • IDP Daily Update #1537
    posted: 11/06/09
  • NSM Daily Update #1537
    posted: 11/06/09
  • Deep Inspection 5.3r5 and above, 5.4, 6.0 #1537
    posted: 11/06/09
  • Deep Inspection 5.1 and 5.2 #1435
    posted: 11/06/09
  • Deep Inspection 5.0, 5.3r4 and below #1132
    posted: 03/28/08 (04/01/08 for 5.0)
  • Antivirus
    posted: 11/05/09

Title: SERCD, SREDIRD Syslog() Format String Vulnerability

Severity: CRITICAL

Description:

SREDIRD is a serial communications daemon. It is used to allow connections to serial ports via TCP connections. SERCD is a derivitive of SREDIRD.

It is reported that SERCD and SREDIRD both contain a format string vulnerability in their logging function. This issue is due to a failure of the applications to properly sanitize user-supplied input before using it as the format specifier in a formatted printing function.

This vulnerability presents itself in SERCD in the 'LogMsg' function contained in the 'sercd.c' file. This function passes the 'Msg' variable to the syslog() function as the format string specification. Due to improper message sanitization, any format string specifiers are interpreted literally, giving the attacker control over process memory.

The same functions in the SREDIRD package, in the 'sredird.c' file are susceptible to the same exact vulnerability.

Successful exploitation of this issue will allow an attacker to execute arbitrary code on the affected computer with the privileges of the affected package. These processes are commonly run as the superuser in order to access the serial port.

Versions of SERCD prior to 2.3.1, and all known versions of SREDIRD are reported susceptible to this vulnerability.

BID 11002 was split into this BID and BID 11033.

Affected Products:

  • Denis Sbragion sredird 1.0.0
  • Denis Sbragion sredird 1.1.6
  • Denis Sbragion sredird 1.1.7
  • Denis Sbragion sredird 1.1.8
  • Denis Sbragion sredird 2.0.0
  • Denis Sbragion sredird 2.1.0
  • Denis Sbragion sredird 2.2.0
  • Denis Sbragion sredird 2.2.1
  • Peter Ã…strand SERCD 2.3.0.0

References:

Juniper Networks provides this content via a wide variety of sources and production methods. If notified of errors or omissions in the content of this page, Juniper Networks, at its discretion, will modify or remove the page or leave the content as is, depending on various factors including but not limited to the reputation and authority of the party providing the notification. Please use the contact information displayed elsewhere on this page to report any errors or omissions regarding the content on this page.