what actually uses xdr_mem.c?
D J Hawkey Jr
hawkeyd at visi.com
Wed Mar 26 14:15:40 PST 2003
On Mar 26, at 02:47 PM, Uros Juvan wrote:
>
> Idea is cool, but it just won't work on staticaly linked files, you can
> test this with:
>
> # readelf -a /bin/ls
Oh, man!
It seems as though my command requires that a statically-linked binary
has "relocation sections" (whatever they are), at the very least.
> I don't think there is 100% way of telling whether staticaly linked file
> is linked against vulnerable xdr_mem.o, especially because obviously
> rcsid string is undefined in source file.
> Exept of course searching for machine bytes composing vulnerable code :)
It appears that you're correct. Bummer for me, as I've put out that
command a couple of times now. I _hate_ looking stupid in public,
especially when I think I've done something really smart. :-(
> Regards,
> Uros Juvan
Thanks for hitting me with the Clue Stick. I'll shut up now.
Dave
--
______________________ ______________________
\__________________ \ D. J. HAWKEY JR. / __________________/
\________________/\ hawkeyd at visi.com /\________________/
http://www.visi.com/~hawkeyd/
More information about the freebsd-security
mailing list