Home page logo
/

bugtraq logo Bugtraq mailing list archives

Re: zlibscan : script to find suid binaries possibly affected by zlib vulnerability
From: Jean-loup Gailly <jloup () gzip org>
Date: Wed, 13 Mar 2002 19:41:09 +0100

hologram writes:

The following is a quick shell script to find suid binaries that are
potentially affected by the zlib vulnability (i.e., those dynamically
linked).
#!/bin/sh
(ldd `find /bin -perm -4000` 2> /dev/null | grep zlib) > zlib.lst
[...]

Florian Weimer <weimer () cert uni-stuttgart de> has written find-zlib
http://cert.uni-stuttgart.de/files/fw/find-zlib
which will do a much better job of finding applications using zlib.

A partial list of such applications is given in
http://www.gzip.org/zlib/apps.html
Thanks to Roman Drahtmueller <draht () suse de> for contributing most of
this list.

Jean-loup


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]