zlibscan : script to find suid binaries possibly affected by zlib vulnerability (fwd)
Eric Eisenhart
eric at eisenhart.com
Wed Mar 13 08:32:10 PST 2002
[snip]
> ---------- Forwarded message ----------
> From: hologram <holo at brained.org>
> Subject: zlibscan : script to find suid binaries possibly affected by zlib
> vulnerability
[snip]
> #!/bin/sh
> # zlibscan by hologram <holo at brained.org>
> # This will scan to find suid binaries potentially affected by the zlib
> # vulnerablity. These are important directories for the Linux system,
> # try different ones for other systems (i.e., /usr/etc, /usr/local/bin).
> (ldd `find /bin -perm -4000` 2> /dev/null | grep zlib) > zlib.lst
> (ldd `find /sbin -perm -4000` 2> /dev/null | grep zlib) >> zlib.lst
> (ldd `find /usr/bin -perm -4000` 2> /dev/null | grep zlib) >> zlib.lst
> (ldd `find /etc -perm -4000` 2> /dev/null | grep zlib) >> zlib.lst
> (ldd `find /var -perm -4000` 2> /dev/null | grep zlib) >> zlib.lst
Is it just me, or does this seem kind of pointless for 99% of folks? Just
upgrade the dynamic library to one that's not vulnerable and you're set, no
need to search.
(Also, the script above has a rather significant bug; replace "zlib" with
"libz.so" and it actually works on my system... You still won't be able to
tell where it found the bug, but you'll know that it found a bug. If you
were to do this, you'd really want to search /usr/local as well)
--
Eric Eisenhart Freedom is slavery. http://eric.eisenhart.com/
^ ICQ#: 48217244 Ignorance is strength. eric-dot-sig at eisenhart.com
/e\ Perl&SQL Coder War is peace. IRC Nicks: Falsch Freiheit
--- -- George Orwell
More information about the talk
mailing list