Michel Kaempf reported on bugtraq a security problem in slocate (a
secure version of locate, a tool to quickly locate files on a filesystem)
that was originally discovered by zorgon. He discovered that a bug in the
database reading code made it overwrite an internal structure with some
input. He then showed that this could be exploited to trick slocate into
executing arbitrary code by pointing it to a carefully crafted database.
This has been fixed in version 2.4-2potato1 and we recommend that you
upgrade your slocate package immediately.