Home page logo
/

bugtraq logo Bugtraq mailing list archives

Re: zlibscan : script to find suid binaries possibly affected by zlib vulnerability
From: Dimitry Andric <dim () xs4all nl>
Date: Wed, 13 Mar 2002 13:17:21 +0100

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On 2002-03-12 at 03:36:35 hologram wrote:

h> The following is a quick shell script to find suid binaries that
h> are potentially affected by the zlib vulnability (i.e., those
h> dynamically linked).
==snip==
h> (ldd `find /bin -perm -4000` 2> /dev/null | grep zlib) > zlib.lst

You might want to search for "libz", because most systems use
libz.so.NN as the filename for the zlib shared libary. Also, why don't
you simply search off the root directory?

Cheers,
- --
Dimitry Andric <dim () xs4all nl>
PGP Key: http://www.xs4all.nl/~dim/dim.asc
Fingerprint: 7AB462D2CE35FC6D42394FCDB05EA30A2E2096A3
Lbh ner abj va ivbyngvba bs gur QZPN

-----BEGIN PGP SIGNATURE-----
Version: PGP 6.5i
Comment: http://www.gn.apc.org/duncan/stoa_cover.htm

iQA/AwUBPI81SbBeowouIJajEQKPrgCglDtC+CE3y82BQdfENl6E8usfApEAn1Pz
8wpSVOudsmoUmivQHdg9zYdo
=gpjk
-----END PGP SIGNATURE-----


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
AlienVault