zlibscan : script to find suid binaries possibly affected by zlib vulnerability

From: hologram (holoat_private)
Date: Mon Mar 11 2002 - 18:36:35 PST

Next message: Alex Arndt: "RE: Suspect 'advisory' from someone claiming to be from Microsoft (was Fwd: Internet Security Update)"

Previous message: helmut g. katzgraber: "Re: [RHSA-2002:026-35] Vulnerability in zlib library"
Next in thread: Adam: "Re: zlibscan : script to find suid binaries possibly affected by zlib vulnerability"
Reply: Adam: "Re: zlibscan : script to find suid binaries possibly affected by zlib vulnerability"
Reply: Florian Weimer: "Re: zlibscan : script to find suid binaries possibly affected by zlib vulnerability"
Reply: Bernd Jendrissek: "Re: zlibscan : script to find suid binaries possibly affected by zlib vulnerability"
Reply: Jean-loup Gailly: "Re: zlibscan : script to find suid binaries possibly affected by zlib vulnerability"
Reply: Dimitry Andric: "Re: zlibscan : script to find suid binaries possibly affected by zlib vulnerability"
Reply: Guy Poizat: "Re: zlibscan : script to find suid binaries possibly affected by zlib vulnerability"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Hi,

The following is a quick shell script to find suid binaries that are
potentially affected by the zlib vulnability (i.e., those dynamically
linked).

-[snip]-----------------------------------------------------------------

#!/bin/sh
# zlibscan by hologram <holoat_private>
# This will scan to find suid binaries potentially affected by the zlib
# vulnerablity. These are important directories for the Linux system,
# try different ones for other systems (i.e., /usr/etc, /usr/local/bin).
(ldd `find /bin -perm -4000` 2> /dev/null | grep zlib) > zlib.lst
(ldd `find /sbin -perm -4000` 2> /dev/null | grep zlib) >> zlib.lst
(ldd `find /usr/bin -perm -4000` 2> /dev/null | grep zlib) >> zlib.lst
(ldd `find /etc -perm -4000` 2> /dev/null | grep zlib) >> zlib.lst
(ldd `find /var -perm -4000` 2> /dev/null | grep zlib) >> zlib.lst

-[snap]-----------------------------------------------------------------

- hologram

Next message: Alex Arndt: "RE: Suspect 'advisory' from someone claiming to be from Microsoft (was Fwd: Internet Security Update)"
Previous message: helmut g. katzgraber: "Re: [RHSA-2002:026-35] Vulnerability in zlib library"
Next in thread: Adam: "Re: zlibscan : script to find suid binaries possibly affected by zlib vulnerability"
Reply: Adam: "Re: zlibscan : script to find suid binaries possibly affected by zlib vulnerability"
Reply: Florian Weimer: "Re: zlibscan : script to find suid binaries possibly affected by zlib vulnerability"
Reply: Bernd Jendrissek: "Re: zlibscan : script to find suid binaries possibly affected by zlib vulnerability"
Reply: Jean-loup Gailly: "Re: zlibscan : script to find suid binaries possibly affected by zlib vulnerability"
Reply: Dimitry Andric: "Re: zlibscan : script to find suid binaries possibly affected by zlib vulnerability"
Reply: Guy Poizat: "Re: zlibscan : script to find suid binaries possibly affected by zlib vulnerability"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Tue Mar 12 2002 - 20:27:14 PST