Re: zlibscan : script to find suid binaries possibly affected by zlib vulnerability

From: Jean-loup Gailly (jloup@gzip.org)
Date: 03/13/02


Date: Wed, 13 Mar 2002 19:41:09 +0100
From: Jean-loup Gailly <jloup@gzip.org>
To: <bugtraq@securityfocus.com>, <vulnwatch@vulnwatch.org>

hologram writes:

> The following is a quick shell script to find suid binaries that are
> potentially affected by the zlib vulnability (i.e., those dynamically
> linked).
> #!/bin/sh
> (ldd `find /bin -perm -4000` 2> /dev/null | grep zlib) > zlib.lst
[...]

Florian Weimer <weimer@cert.uni-stuttgart.de> has written find-zlib
http://cert.uni-stuttgart.de/files/fw/find-zlib
which will do a much better job of finding applications using zlib.

A partial list of such applications is given in
http://www.gzip.org/zlib/apps.html
Thanks to Roman Drahtmueller <draht@suse.de> for contributing most of
this list.

Jean-loup