glibc LD_PRELOAD

To: Debian-security <debian-security@lists.debian.org>
Subject: glibc LD_PRELOAD
From: Ethan Benson <erbenson@alaska.net>
Date: Tue, 30 Jan 2001 04:32:17 -0900
Message-id: <[🔎] 20010130043217.L10629@plato.local.lan>
Mail-followup-to: Debian-security <debian-security@lists.debian.org>

is potato vulnerable to the LD_PRELOAD file overwriting vulnerability
discussed at http://www.securityfocus.com/vdb/bottom.html?vid=2223

there was an unexplained libc6 update on Jan 10 for i386 (but not
powerpc, not sure about other archs) to security.debian.org, all the
changelog mentions is `Add backported security patch from glibc 2.2' 

current version of libc6 on powerpc is: 2.1.3-13
current version of libc6 on i386 is: 2.1.3-15

-- 
Ethan Benson
http://www.alaska.net/~erbenson/

Attachment: pgpWXQJZGX0VH.pgp
Description: PGP signature

Reply to:

Follow-Ups:
- Re: glibc LD_PRELOAD
  - From: Jamie Heilman <jamie@audible.transient.net>

Prev by Date: Re: portsentry dangerous? hardly
Next by Date: Is debian OpenBSD ftpd secure?
Previous by thread: Re: Firewall and IPv6
Next by thread: Re: glibc LD_PRELOAD
Index(es):
- Date
- Thread