Red Hat Bugzilla – Bug 69243
logwatch goes wrong when it finds IPv6 addresses
Last modified: 2008-05-01 11:38:03 EDT
From Bugzilla Helper:
User-Agent: Mozilla/5.0 Galeon/1.2.5 (X11; Linux i686; U;) Gecko/20020606
Description of problem:
When logwatch comes across a version 6 IP literal (ie the 1:2:3:4:5:6:7:8
format) it fails to parse it and gives an error message. The message says that
something was not numeric, perhaps because it tried to split the address up by
searching for '.'.
Version-Release number of selected component (if applicable):
Steps to Reproduce:
1. Turn on IPv6 in /etc/sysconfig/network. If there are no router
advertisements on your network you may need to configure an IPv6 address for
your machine manually. You may also need to reboot in order for the settings to
2. Ensure that sshd is running and listening on the IPv6 interface. (This is
just an example, other services do it too.)
3. Use ssh to connect to the IPv6 interface.
4. Use logwatch to analyse the resulting log file entries.
Actual Results: An error message was output saying that some text was not numeric.
Expected Results: The IPv6 addresses should have been treated the same was as
Although this bug cannot be used to gain unauthorised access, it reduces the
security of your machine. Proper audit is an important security function. For
this reason I am marking this bug as security- related. At the same time, IMO,
this bug does not have the same priority as an exploitable security hole.
*** This bug has been marked as a duplicate of 62893 ***