Root exploit in glibc 2.2?


mastersibn
01-14-2001, 04:46 AM
See it on the front page right now. It says Slack 7.x systems are vulnerable.

I checked the link (which naturally, is not working). Not to be so easily put down, I looked in the slackware-7.1 tree because a preliminary 7.2 went up this afternoon in 'slackware-current.' I couldn't find it there, either. So I don't see it in the current tree, and I don't see it in the 7.1 tree. I checked http://www.slackware.com and don't see any information about it whatever.

Does this hole really exist, or what? It seems to me that it'd be common knowledge by now if it really hit Slack 7.1 systems. I don't remember how to check my glibc version (heh, of all things to not remember) but when I run `locate glibc` it doesn't turn up any shared objects... although there are trees for glibc 2.1.3. Probably what I've got.

Anyway, it says in the "development" version of glibc for that debian link, and what I don't get is that I was under the impression that Redhat was the one famous for releasing unstable/development versions of compiler stuff.

In the end, does the vulnerability actually affect slack 7.1, and if it does, where can I find something to fix it? Getting really tired of looking and not finding.

tia

------------------
grab my gnupg key (http://jove.prohosting.com/~msibn/sibn-p.asc) if you feel so inclined.


cAPS lOCK? wHAT cAPS lOCK?
I cna ytpe 300 wrods pre mniuet!!!
an operating system has not just advantages...

configure
01-14-2001, 06:09 AM
It's not just slackware. It's every Linux system with a glibc2.2. You can get the latest glibc and glibcso package from the slackware-current tree.

Good luck

SlCKB0Y
01-14-2001, 10:06 AM
Slackware 7.x is not vulnerable. It's a mistake on the front page (at least according to bugtraq)
http://www.securityfocus.com/bid/2181

X_console
01-14-2001, 10:48 AM
Slack 7.x comes with glibc 2.1, and so is not vulnerable. However, slackware-current comes with glibc 2.2 and that is vulnerable. The patches have been released and announced via the Slack security mailing list. Just grab the new ones off ftp.slackware.com

mastersibn
01-14-2001, 12:11 PM
Thanks peeps.

I was getting confused, because it seemed to me like glibc 2.1.3 was supposed to BE a stable version, and I thought it said it only affected development versions of glibc.

That being the case, the 7.x on the front page here oughtta be changed (obviously) to something more accurate. Once again, thx.



Craig McPherson
01-14-2001, 02:27 PM
This exploit is really weird...

Certain setuid root programs, like ping (don't ask why most distros make ping setuid, but they do) can be used to get the contents of /etc/shadow if the RESOLV_HOST_CONF shell variable is set to /etc/shadow -- if you try to run the command with the variable set like that, it'll say something like "(first line of your /etc/shadow here): bad argument" and so on for every line of the /etc/shadow.

It can only be exploited by someone who actually has shell access on the machine, so if your friends have shell accounts on your box, try to get patched pretty quickly.

------------------
DEBIAN (http://www.debian.org/)
It turns girls into statues!

[This message has been edited by Craig McPherson (edited 14 January 2001).]
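
The defensive pattern behind the behaviour described in the post above, as an added example that is not part of the original thread and is not glibc's own code: a library running inside a setuid program ignores a caller-supplied path override, and its parse errors name only the file and line number instead of echoing the line. The helper names and the use of /etc/host.conf as the fallback path are assumptions made for this sketch.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/types.h>
#include <unistd.h>

/* Fallback path used when the environment override is refused
 * (assumption for this example). */
#define DEFAULT_HOST_CONF "/etc/host.conf"

/* A process is running with elevated privilege when its effective IDs
 * differ from its real IDs, as happens inside a setuid/setgid binary. */
int is_privileged(uid_t ruid, uid_t euid, gid_t rgid, gid_t egid)
{
    return ruid != euid || rgid != egid;
}

/* Hypothetical helper: pick the config file to parse. The value taken
 * from the caller's environment is honoured only when not privileged. */
const char *pick_conf_path(const char *env_value, int privileged)
{
    if (env_value == NULL || env_value[0] == '\0' || privileged)
        return DEFAULT_HOST_CONF;
    return env_value;
}

/* Hypothetical helper: build a parse diagnostic that carries the path and
 * line number only, never the offending line's contents, so a file the
 * user cannot read is not disclosed through error output. */
int format_parse_error(char *buf, size_t len, const char *path, unsigned line_no)
{
    return snprintf(buf, len, "%s: line %u: bad argument", path, line_no);
}

int main(void)
{
    int priv = is_privileged(getuid(), geteuid(), getgid(), getegid());
    const char *path = pick_conf_path(getenv("RESOLV_HOST_CONF"), priv);
    char msg[256];

    format_parse_error(msg, sizeof msg, path, 1);
    printf("privileged=%d path=%s\nsample diagnostic: %s\n", priv, path, msg);
    return 0;
}
```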

treatment
01-14-2001, 02:58 PM
The frontpage had a bad url. The actual url is at ftp://ftp.slackware.com/pub/slackware/slackware-current/ChangeLog.txt

Sensei
01-14-2001, 03:06 PM
link fixed.

------------------
Sensei
LNO Seti Black Belts Team Stats
http://setiathome.ssl.berkeley.edu/stats/team/team_11027.html

Join the Linuxnewbie.org SETI Black Belts!
http://setiathome.ssl.berkeley.edu/cgi-bin/cgi?cmd=team_join_form&id=11027

mastersibn
01-14-2001, 04:23 PM
Originally posted by Craig McPherson:
This exploit is really weird...

Certain setuid root programs, like ping (don't ask why most distros make ping setuid, but they do) can be used to get the contents of /etc/shadow if the RESOLV_HOST_CONF shell variable is set to /etc/shadow -- if you try to run the command with the variable set like that, it'll say something like "(first line of your /etc/shadow here): bad argument" and so on for every line of the /etc/shadow.

It can only be exploited by someone who actually has shell access on the machine, so if your friends have shell accounts on your box, try to get patched pretty quickly.



Actually, I understand how it works pretty well now that you explain it. That being said:

Friends I don't trust with a shell account don't get one. Even the ones who I DO trust don't get one, because I don't run netservices regularly. When somebody like that wants to actually DO something, then I'll permit connections from that ip, raise inetd, work through it together, and when I'm done, I kill inetd (and any other processes he started, like in.telnetd), set inetd.conf to deny ALL:ALL connections, and nuke the password for that user account.

At this moment in time, I have no user accounts for people like this, but I've had altogether 3 in the past. I tend to delete user accounts and home directories that aren't being used for anything.

I think as far as shell accounts go, I've got a pretty good policy for it.
