mailing list archives
Re: Glibc Local Root Exploit
From: Matt Zimmerman <mdz () CSH RIT EDU>
Date: Thu, 11 Jan 2001 12:27:51 -0500
On Thu, Jan 11, 2001 at 01:42:52AM +0200, Ari Saastamoinen wrote:
On Wed, 10 Jan 2001, Pedro Margate wrote:
install the ssh binary as suid root by default. This can be disabled
during configuration or after the fact with chmod. I believe that would
That exploit can use any suid root program which resolves host names. (For
example ping and traceroute) So you cannot fix that glibc explot only by
unsetting SUID bit of ssh client.
Or more properly, an suid root program which resolves host names _while still
holding root privileges_. ping from netkit and traceroute from LBNL do not
fall into this category. fping from SATAN, however, does.