Re: zlibscan : script to find suid binaries possibly affected by zlib vulnerability
From: Jean-loup Gailly (jloup@gzip.org)Date: 03/13/02
- Previous message: Bernd Jendrissek: "Re: zlibscan : script to find suid binaries possibly affected by zlib vulnerability"
- In reply to: hologram: "zlibscan : script to find suid binaries possibly affected by zlib vulnerability"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Wed, 13 Mar 2002 19:41:09 +0100 From: Jean-loup Gailly <jloup@gzip.org> To: <bugtraq@securityfocus.com>, <vulnwatch@vulnwatch.org>
hologram writes:
> The following is a quick shell script to find suid binaries that are
> potentially affected by the zlib vulnability (i.e., those dynamically
> linked).
> #!/bin/sh
> (ldd `find /bin -perm -4000` 2> /dev/null | grep zlib) > zlib.lst
[...]
Florian Weimer <weimer@cert.uni-stuttgart.de> has written find-zlib
http://cert.uni-stuttgart.de/files/fw/find-zlib
which will do a much better job of finding applications using zlib.
A partial list of such applications is given in
http://www.gzip.org/zlib/apps.html
Thanks to Roman Drahtmueller <draht@suse.de> for contributing most of
this list.
Jean-loup
- Previous message: Bernd Jendrissek: "Re: zlibscan : script to find suid binaries possibly affected by zlib vulnerability"
- In reply to: hologram: "zlibscan : script to find suid binaries possibly affected by zlib vulnerability"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
