Home page logo

bugtraq logo Bugtraq mailing list archives

Re: Glibc Local Root Exploit
From: Matt Zimmerman <mdz () CSH RIT EDU>
Date: Thu, 11 Jan 2001 12:27:51 -0500

On Thu, Jan 11, 2001 at 01:42:52AM +0200, Ari Saastamoinen wrote:

On Wed, 10 Jan 2001, Pedro Margate wrote:

install the ssh binary as suid root by default.  This can be disabled
during configuration or after the fact with chmod.  I believe that would

That exploit can use any suid root program which resolves host names. (For
example ping and traceroute) So you cannot fix that glibc explot only by
unsetting SUID bit of ssh client.

Or more properly, an suid root program which resolves host names _while still
holding root privileges_.  ping from netkit and traceroute from LBNL do not
fall into this category.  fping from SATAN, however, does.

 - mdz

Attachment: _bin

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]