Full Disclosure mailing list archives

Previous By Date Next
Previous By Thread Next

OpenSSL Vulnerabilities

From: full-disclosure () lists netsys com (Peter Bieringer)
Date: Fri, 02 Aug 2002 08:33:03 +0200
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1



- --On Friday, August 02, 2002 09:39:12 AM +0530 Raju Mathur
<raju () linux-delhi org> wrote:


    Tina> Does anyone know if Netscape, Opera, Internet Explorer or
    Tina> any of the other browsers are vulnerable to these issues?

    Tina> Thanks in advance -- Tina Bird

Here's how I do it [line may wrap]:

for i in /bin/* /usr/bin/* /sbin/* /usr/sbin/* /usr/X11R6/bin/*
/usr/local/bin/* ; do if ldd $i | egrep 'libssl' > /dev/null ; then
echo $i ; fi ; done

You could change the list of directories you want to search, or use
the output of a find in the for command.  I don't think libcrypto
has issues; if it does, make the argument to egrep
'libcrypto|libssl'.


And 

# lsof  | egrep 'libcrypto|libssl'

or shorter

# lsof  | egrep 'libcrypto|libssl' | awk '{ print$1 }' | sort | uniq

gives an overview, which current running processes must be restarted
afer updating the libraries (and calling ldconfig).

        Peter
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.6 (GNU/Linux)

iD8DBQE9Sieke1eqe5WPQi0RAoN+AKC/ubi3GGYla4a2M8dM0YSuEodTNQCg1UOp
SiVRHrDerHZOdGgRHXWlK4o=
=QhAY
-----END PGP SIGNATURE-----
Previous By Date Next
Previous By Thread Next

Current thread: