zlibscan : script to find suid binaries possibly affected by zlib vulnerability (fwd)

Mark Street jet at sonic.net
Wed Mar 13 08:05:11 PST 2002



---------- Forwarded message ----------
Date: Mon, 11 Mar 2002 21:36:35 -0500 (EST)
From: hologram <holo at brained.org>
To: bugtraq at securityfocus.com, vulnwatch at vulnwatch.org
Subject: zlibscan : script to find suid binaries possibly affected by zlib
    vulnerability

Hi,

The following is a quick shell script to find suid binaries that are
potentially affected by the zlib vulnability (i.e., those dynamically
linked).

-[snip]-----------------------------------------------------------------

#!/bin/sh
# zlibscan by hologram <holo at brained.org>
# This will scan to find suid binaries potentially affected by the zlib
# vulnerablity. These are important directories for the Linux system,
# try different ones for other systems (i.e., /usr/etc, /usr/local/bin).
(ldd `find /bin -perm -4000` 2> /dev/null | grep zlib) > zlib.lst
(ldd `find /sbin -perm -4000` 2> /dev/null | grep zlib) >> zlib.lst
(ldd `find /usr/bin -perm -4000` 2> /dev/null | grep zlib) >> zlib.lst
(ldd `find /etc -perm -4000` 2> /dev/null | grep zlib) >> zlib.lst
(ldd `find /var -perm -4000` 2> /dev/null | grep zlib) >> zlib.lst

-[snap]-----------------------------------------------------------------

- hologram




More information about the talk mailing list