Re: LDM & XDR vulnerability ?
- Date: Thu, 15 Aug 2002 15:01:07 -0600
Karl Hanzel wrote:
>
> Hi Anne -
>
> Say, I'm trying to assess this vulnerability issue. I'm thinking:
>
> How likely is it that anyone would bother crafting an exploit
> against an LDM? They'd have to know that it was vulnerable,
> and that you have one running. Wouldn't hackers stick to more
> mainstream services that are apt to be available & vulnerable?
>
> *----->
Hi Karl,
I would think that the likelihood of exploitation of this particular
vulnerability would be pretty low for the reasons that you cited. [My
opinion only.] Wrt the LDM, someone would have to get the LDM code then
go through some iterative process to try to get it to write something
useful to the correct location in memory... Even then it would only run
at the permission level of the LDM, so it wouldn't buy them much.
However, applying the patch is so easy (at least for vendors that have
supplied patches) that you might as well just update the libraries when
they become available. Wrt the LDM, you don't even have to recompile
(although sites may have other applications that use glibc statically,
in which case they'd need to recompile).
Anne
--
***************************************************
Anne Wilson UCAR Unidata Program
address@hidden P.O. Box 3000
Boulder, CO 80307
----------------------------------------------------
Unidata WWW server http://www.unidata.ucar.edu/
****************************************************