[24666] in bugtraq
Re: zlibscan : script to find suid binaries possibly affected by zlib vulnerability
daemon@ATHENA.MIT.EDU (Dimitry Andric)
Wed Mar 13 17:41:40 2002
Date: Wed, 13 Mar 2002 13:17:21 +0100
From: Dimitry Andric <dim@xs4all.nl>
Reply-To: Dimitry Andric <dim@xs4all.nl>
Message-ID: <1859563671.20020313131721@xs4all.nl>
To: hologram <holo@brained.org>
Cc: bugtraq@securityfocus.com, vulnwatch@vulnwatch.org
In-Reply-To: <Pine.BSO.4.33.0203112131260.11537-100000@brained.org>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On 2002-03-12 at 03:36:35 hologram wrote:
h> The following is a quick shell script to find suid binaries that
h> are potentially affected by the zlib vulnability (i.e., those
h> dynamically linked).
==snip==
h> (ldd `find /bin -perm -4000` 2> /dev/null | grep zlib) > zlib.lst
You might want to search for "libz", because most systems use
libz.so.NN as the filename for the zlib shared libary. Also, why don't
you simply search off the root directory?
Cheers,
- --
Dimitry Andric <dim@xs4all.nl>
PGP Key: http://www.xs4all.nl/~dim/dim.asc
Fingerprint: 7AB462D2CE35FC6D42394FCDB05EA30A2E2096A3
Lbh ner abj va ivbyngvba bs gur QZPN
-----BEGIN PGP SIGNATURE-----
Version: PGP 6.5i
Comment: http://www.gn.apc.org/duncan/stoa_cover.htm
iQA/AwUBPI81SbBeowouIJajEQKPrgCglDtC+CE3y82BQdfENl6E8usfApEAn1Pz
8wpSVOudsmoUmivQHdg9zYdo
=gpjk
-----END PGP SIGNATURE-----
