[18586] in bugtraq
Re: Glibc Local Root Exploit
daemon@ATHENA.MIT.EDU (Matt Zimmerman)
Fri Jan 12 16:05:11 2001
Mail-Followup-To: BUGTRAQ@SECURITYFOCUS.COM
Mime-Version: 1.0
Content-Type: multipart/signed; micalg=pgp-sha1;
protocol="application/pgp-signature"; boundary="JP+T4n/bALQSJXh8"
Content-Disposition: inline
Message-ID: <20010111102229.N8682@alcor.net>
Date: Thu, 11 Jan 2001 10:22:33 -0500
Reply-To: Matt Zimmerman <mdz@CSH.RIT.EDU>
From: Matt Zimmerman <mdz@CSH.RIT.EDU>
To: BUGTRAQ@SECURITYFOCUS.COM
In-Reply-To: <Pine.GSO.4.30.0101101741160.531-100000@mail>; from
bgreenbaum@SECURITYFOCUS.COM on Wed, Jan 10,
2001 at 05:53:03PM -0800
--JP+T4n/bALQSJXh8
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable
On Wed, Jan 10, 2001 at 05:53:03PM -0800, Ben Greenbaum wrote:
> Summary of responses:
>=20
> ----------------------------------
> From: Jag <agrajag@linuxpower.org>
>=20
> On Wed, 10 Jan 2001, Thomas T. Veldhouse wrote:
> > This does not happen on my machine using glibc-2.2 and openssh-2.3.0p1
> > following your example.
> I have reproduced it with glibc-2.2 and openssh-2.3.0p1 The key is that
> you must actually ssh to a valid host. If ssh can't resolve the host,
> it won't display the contents of the file.
This is not true. host.conf file is read _before_ the actual query takes
place, as its options affect how the query is done. It does not matter what
hostname is passed to the resolver.
--=20
- mdz
--JP+T4n/bALQSJXh8
Content-Type: application/pgp-signature
Content-Disposition: inline
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.4 (GNU/Linux)
Comment: For info see http://www.gnupg.org
iD8DBQE6Xc+1ArxCt0PiXR4RAse5AKDelG3eMu+47DTJDWU7vErFKvgW0wCff4bv
+smKh+2gfiHv/Ekly4x8sY8=
=iA/H
-----END PGP SIGNATURE-----
--JP+T4n/bALQSJXh8--
