--nextPart3489084.L3jKd3FtQe
Content-Type: Text/Plain;
charset="us-ascii"
Content-Transfer-Encoding: quoted-printable
All,
If you've seen the recent Microsoft advisory. I put together a nice post o=
n a=20
similar DLL hijacking issue that affects Linux (and other POSIX-alikes). Y=
ou=20
can read the full details on my blog (http://www.nth-
dimension.org.uk/blog.php?id=3D87) but the key point is that an empty direc=
tory=20
specification statement in LD_LIBRARY_PATH, PATH (and probably others) is=20
equivalent to $CWD. That is to say that LD_LIBRARY_PATH=3D":/lib" is equiv=
alent=20
to LD_LIBRARY_PATH=3D".:/lib". It can occur when a script has=20
LD_LIBRARY_PATH=3D"$LD_LIBRARY_PATH:/lib" or similar and LD_LIBRARY_PATH ha=
sn't=20
previously been defined. It's worth checking for this kind of thing in scr=
ipts=20
that may be run via sudo/su when auditing hosts. I don't believe it's a=20
vulnerability per se, but particular instances of broken scripts may well b=
e.
Tim =20
=2D-=20
Tim Brown
<mailto:timb@nth-dimension.org.uk>
<http://www.nth-dimension.org.uk/>
--nextPart3489084.L3jKd3FtQe
Content-Type: application/pgp-signature; name=signature.asc
Content-Description: This is a digitally signed message part.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (GNU/Linux)
iQIcBAABCAAGBQJMdFUfAAoJEPJhpTVyySo7kNIQAIdJuHTG4hdOalanKurfQHbC
xmWkAyd+mvD8s+G8juwTSJXPJ2+q/Sl4iYJq76a2x3ludjPnMGwOY4AZdqmoDYkI
8/+y434KoI4YLcr/bwRj2ag+9phjdjqxMtUbMfdQatAMqbtUIWTc38sdyhB7fOF4
it90HV+QTqjxDyHy965NjY1C/USf4FKyWpYHjcVYw0RSPzvDDQyAvV1qbACZyZ2y
t5pYHnrDwLq7+M98ORoWV43ffraBBbVQjb+qb6ocOOz8kCwX/xQL94qt+GzTWrNg
ZlrQy0Rn6aCB0lZtwNr/KAIw7FruN2csGYiBrQz0GEYIgYKQ4CIURDA5wfJucZil
s9lKEO3ewTP1vP7Lh297nTalNZq3gO2+klmtkiNO4uJQCeTZ0aYfENAYbPUuWznf
yxKR2Q9AcZMkHpZhA7ygcYjrPjLF8iAA/d/ZJA6+fyb/iHmNy4XQL6tM59IRB+ek
S8MGb2cGfHSwYndngpTwxo9R2YEU4nRBE6+iCI2utB/mbfrh1WdtVZtWEFDe+fnP
3xrA4R0PtYq5pGJGrjbHB3le+kc58nIpZu3fJ7wRtS7stZ3L+D3v0SrGju/TnFf+
D1r8bRot9vvLw/YQ2CO5OUV91DMVxwLXwf+CnAvheMukiudGZ5TCMKgpFr9Ux46v
LwVvwpBxUPlf5zADTGYO
=uUZW
-----END PGP SIGNATURE-----
--nextPart3489084.L3jKd3FtQe--
討論串 (同標題文章)