OSEC

Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com
Bugtraq archives for 3rd quarter (Jul-Sep) 1996: SECURITY ALERT (libresolv+ bug)

SECURITY ALERT (libresolv+ bug)

Jared Mauch (jaredpuck.nether.net)
Fri, 16 Aug 1996 09:03:19 -0400

----- Forwarded message from Myles Uyema -----

>From mylesnether.net  Fri Aug 16 00:18:31 1996
Date: Thu, 15 Aug 1996 18:18:13 -1000 (HST)
From: Myles Uyema <mylesnether.net>
X-Sender: mylesmicron.intra.network
To: Jared Mauch <jaredpuck.nether.net>
Subject: SECURITY ALERT
Message-ID: <Pine.LNX.3.95.960815181521.10074A-100000micron.intra.network>

-- Start of PGP signed section.
You've probably been informed about this or read about the libresolv+
bug.  Any suid-root binaries should be stripped if they use any of the
resolv routines.  Vulnerable utilities are:

ping, traceroute, ssh.  Remove their global execution priveledges.
A common exploit:  export RESOLV_HOST_CONF=/etc/shadow ; ping asdf


Myles Uyema
mylesnether.net    [finger uyemanether.net for PGP public key]
-- End of PGP signed section.

----- End of forwarded message from Myles Uyema -----