Oval Definition: oval:com.redhat.rhsa:def:20040041
Revision Date: 2004-01-22
Version: 502
Title: RHSA-2004:041: slocate security update (Moderate)
Description: Slocate is a security-enhanced version of locate, designed to find files on a system via a central database.

Patrik Hornik discovered a vulnerability in Slocate versions up to and including 2.7 where a carefully crafted database could overflow a heap-based buffer. A local user could exploit this vulnerability to gain "slocate" group privileges and then read the entire slocate database. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CAN-2003-0848 to this issue.

Users of Slocate should upgrade to these erratum packages, which contain Slocate version 2.7 with the addition of a patch from Kevin Lindsay that causes slocate to drop privileges before reading a user-supplied database.

For Red Hat Enterprise Linux 2.1 these packages also fix a buffer overflow that affected unpatched versions of Slocate prior to 2.7. This vulnerability could also allow a local user to gain "slocate" group privileges. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CAN-2003-0056 to this issue.
Family: unix
Class: patch
Status:
Reference(s): CVE-2003-0056, CVE-2003-0848, RHSA-2004:041-01
Platform(s): Red Hat Enterprise Linux 3
Product(s):
Definition Synopsis
  • Red Hat Enterprise Linux 3 is installed
  • AND slocate is earlier than 0:2.7-3
  • AND slocate is signed with Red Hat master key
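As an added example (not part of the OVAL definition or of Red Hat's own tooling), the following Python evaluates this synopsis for one host: it implements rpm's segment-wise version ordering for the "earlier than 0:2.7-3" test, while the RHEL major version and the signature-check result are assumed inputs rather than being read from the host.

```python
import re

FIXED_EVR = "0:2.7-3"   # from the definition: slocate is earlier than 0:2.7-3

_NUM, _ALPHA = re.compile(r"[0-9]+"), re.compile(r"[A-Za-z]+")

def rpmvercmp(a, b):
    """Return -1, 0 or 1 comparing a to b with rpm's segment rules
    (tilde/caret ordering omitted; the versions here do not use it)."""
    if a == b:
        return 0
    i = j = 0
    while True:
        # separators are skipped; only alternating digit/alpha runs count
        while i < len(a) and not a[i].isalnum(): i += 1
        while j < len(b) and not b[j].isalnum(): j += 1
        if i >= len(a) or j >= len(b):
            break
        isnum = a[i].isdigit()
        pat = _NUM if isnum else _ALPHA
        ma, mb = pat.match(a, i), pat.match(b, j)
        if mb is None:          # type mismatch: a numeric segment is newer
            return 1 if isnum else -1
        sa, sb, i, j = ma.group(), mb.group(), ma.end(), mb.end()
        if isnum:
            sa, sb = sa.lstrip("0"), sb.lstrip("0")
            if len(sa) != len(sb):   # more digits means a larger number
                return 1 if len(sa) > len(sb) else -1
        if sa != sb:
            return 1 if sa > sb else -1
    if i >= len(a) and j >= len(b):
        return 0
    return -1 if i >= len(a) else 1   # leftover characters win

def parse_evr(evr):
    """Split 'epoch:version-release'; a missing epoch means 0."""
    epoch = "0"
    if ":" in evr:
        epoch, evr = evr.split(":", 1)
    version, _, release = evr.partition("-")
    return int(epoch), version, release

def evrcmp(x, y):
    """Compare two EVR strings: epoch first, then version, then release."""
    ex, vx, rx = parse_evr(x)
    ey, vy, ry = parse_evr(y)
    if ex != ey:
        return 1 if ex > ey else -1
    return rpmvercmp(vx, vy) or rpmvercmp(rx, ry)

def is_affected(rhel_major, slocate_evr, signed_with_redhat_key):
    """Evaluate the definition's AND criteria for one host (inputs assumed)."""
    return (rhel_major == 3
            and evrcmp(slocate_evr, FIXED_EVR) < 0
            and signed_with_redhat_key)
```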