(moderator, please post this instead of the previous message).
I found a coredump in tracepath, which is part of the iputils package.
I've tested this on RH 7.1 and 7.2, which both use the same version
(from the iputils-20001110-1 rpm).
[jon@devotchka jon]$ tracepath -n
Segmentation fault (core dumped)
[jon@devotchka jon]$ which tracepath
/usr/sbin/tracepath
[jon@devotchka jon]$ ls -la /usr/sbin/tracepath
-rwxr-xr-x 1 root root 7036 Jan 16 2001
/usr/sbin/tracepath
Tracepath isn't setuid root in any distro i could find, so i figured
that there's no harm in releasing this. But according to the manpage:
"GENERAL NOTE: all these applets, except for tracepath[6] should
be excecutabel only with CAP_NET_RAWIO capability. To all that
I know, they are safe to be used as setuid root."
If you have this installed (and I don't know of a distro that doesn't),
make sure the setuid bit is turned off.
I emailed the author, and he replied that this had been fixed in the
current tree:
"This has been fixed in later version. To all that I remember, it is:
(from RELNOTES) [011002]
* Stepan Koltsov <yozhat_private>, tracepath/tracepth6 segfaulted when used
without address."
-jon
--
jonat_private || www.divisionbyzero.com
gpg key: www.divisionbyzero.com/pubkey.asc
think i have a virus?: www.divisionbyzero.com/pgp.html
"You are in a twisty little maze of Sendmail rules, all confusing."
This archive was generated by hypermail 2b30 : Wed Jan 09 2002 - 15:19:44 PST