Vulnerability Development mailing list archives
linux ld.so vuln - CSSA-2000-028.0
From: "Seth D. Leonard" <teak () BELLSOUTH NET>
Date: Tue, 29 Aug 2000 18:11:41 -0400
this is regarding the linux ld.so unsetenv problem, announced by Caldera a few days ago:

http://www.calderasystems.com/support/security/advisories/CSSA-2000-028.0.txt

for anyone interested, i've put together a demonstration of this problem. the conditions which cause the bug are probably rare to find in real-world suid programs. there is an example vulnerable program included in the tarball.

in the short testing performed on a linux SuSE 6.2 box, i didn't find common suid programs to be vulnerable (i tested only sendmail & rcp). i didn't do any tests with perl, but suid perl could potentially produce tasty results.

i'd love to hear reports of any vulnerable applications...

nimrood@efnet
Attachment:
rumple.tgz