Undocumented vulnerability in `ldd`


The `ldd` utility is more vulnerable than you think. It’s frequently used by programmers and system administrators to determine the dynamic library dependencies of executables. Sounds pretty innocent, right? Wrong! It turns out that running `ldd` on an executable can result in executing arbitrary code. I researched this subject thoroughly and found that it was almost completely undocumented.

Read more »
pkrumins's picture
Created by pkrumins 12 years 12 weeks ago – Made popular 12 years 12 weeks ago
Category: Beginner   Tags:

Best karma users