
Telnet LD_LIBRARY_PATH

 
Platinum
Occasional Advisor

After a Cybercop scan, a vulnerability was found on my workstation (HP-UX 10.20): 'Telnet LD_LIBRARY_PATH'.
How do I resolve it?
Michael Tully
Honored Contributor

Re: Telnet LD_LIBRARY_PATH

Keith Buck
Respected Contributor

Re: Telnet LD_LIBRARY_PATH

As long as the suid bit is not set on telnet (the one that Cybercop found with the problem), then this is not a security problem. LD_LIBRARY_PATH and SHLIB_PATH can in some cases be used to modify the behavior of a binary.

If, however, no suid bit is set, then the user could instead copy the binary and hack it himself to do whatever he wanted. It would still run in that user's process space; there would be no additional risks of privilege elevation.

As far as Bastille is concerned, it currently only supports HP-UX 11.00 and 11.11. However, if you were to run it, it would recommend that you change to Secure Shell. Telnet is by nature a clear-text, spoofable protocol. It's still around because a lot of people are used to it, but it can be completely replaced with Secure Shell which uses an encrypted, spoof-protected protocol.

If you care enough about security to run Cybercop, then it's probably best to start running secure protocols to start with.

Now, if you'd like to make Cybercop stop complaining about a false alarm, the 'chatr' command may be used to modify the binary to get rid of LD_LIBRARY_PATH. Be careful... if you depend on telnet and it breaks, then you'll be a bit stuck. (I'd give more details, but I don't want to confuse the issue talking about telnet vs. telnetd... and I don't know which Cybercop is really complaining about.)
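
Added example, not part of the thread and not HP or Cybercop code: a POSIX shell check for the condition the reply above turns on, namely whether the flagged binary carries the suid bit. It also reports the setgid bit, which goes slightly beyond the reply. The two paths at the bottom are assumed locations for the client and the daemon; substitute whichever file the scanner actually named.

```sh
#!/bin/sh
# Classify a file by its privilege bits.
# Prints one of: missing | plain | setgid | setuid:<numeric owner uid>
suid_state() {
    f=$1
    [ -f "$f" ] || { echo missing; return 0; }
    if [ -u "$f" ]; then
        # ls -ln prints the numeric owner in field 3; -L follows symlinks
        owner=$(ls -lnL "$f" | awk '{print $3}')
        echo "setuid:$owner"
    elif [ -g "$f" ]; then
        echo setgid
    else
        echo plain
    fi
}

# Print path, state and a one-line reading of the state for each argument.
report() {
    for bin in "$@"; do
        state=$(suid_state "$bin")
        case $state in
            setuid:0) note="setuid root: the finding cannot be dismissed on this ground" ;;
            setuid:*) note="runs as its owner, not the caller: review before dismissing" ;;
            setgid)   note="runs with the file's group: review before dismissing" ;;
            plain)    note="no suid/sgid bit: runs only with the caller's privileges" ;;
            missing)  note="not present on this host" ;;
        esac
        printf '%s\t%s\t%s\n' "$bin" "$state" "$note"
    done
}

# Assumed paths (not given in the thread); adjust for the host being checked.
report /usr/bin/telnet /usr/lbin/telnetd
```
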