Re: zlibscan : script to find suid binaries possibly affected by zlib vulnerability

From: Jean-loup Gailly (jloupat_private)
Date: Wed Mar 13 2002 - 10:41:09 PST

Next message: Christopher X. Candreva: "Re: OpenSSH rebuild warning: problems avoiding zlib problems in Solaris"

Previous message: Bernd Jendrissek: "Re: zlibscan : script to find suid binaries possibly affected by zlib vulnerability"
In reply to: hologram: "zlibscan : script to find suid binaries possibly affected by zlib vulnerability"
Next in thread: Dimitry Andric: "Re: zlibscan : script to find suid binaries possibly affected by zlib vulnerability"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

hologram writes:

> The following is a quick shell script to find suid binaries that are
> potentially affected by the zlib vulnability (i.e., those dynamically
> linked).
> #!/bin/sh
> (ldd `find /bin -perm -4000` 2> /dev/null | grep zlib) > zlib.lst
[...]

Florian Weimer <weimerat_private-stuttgart.de> has written find-zlib
http://cert.uni-stuttgart.de/files/fw/find-zlib
which will do a much better job of finding applications using zlib.

A partial list of such applications is given in
http://www.gzip.org/zlib/apps.html
Thanks to Roman Drahtmueller <drahtat_private> for contributing most of
this list.

Jean-loup

Next message: Christopher X. Candreva: "Re: OpenSSH rebuild warning: problems avoiding zlib problems in Solaris"
Previous message: Bernd Jendrissek: "Re: zlibscan : script to find suid binaries possibly affected by zlib vulnerability"
In reply to: hologram: "zlibscan : script to find suid binaries possibly affected by zlib vulnerability"
Next in thread: Dimitry Andric: "Re: zlibscan : script to find suid binaries possibly affected by zlib vulnerability"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Wed Mar 13 2002 - 15:29:05 PST