Rapid7 Vulnerability & Exploit Database

RHSA-2000:128: New slocate packages available to fix local group slocate compromise

Back to Search

RHSA-2000:128: New slocate packages available to fix local group slocate compromise

Severity
7
CVSS
(AV:L/AC:L/Au:N/C:C/I:C/A:C)
Published
02/16/2001
Created
07/25/2018
Added
10/28/2005
Modified
07/04/2017

Description

New slocate packages are availble for Red Hat Linux 6.x and Red Hat Linux 7. These fix a problem with the database parsing code in slocate. (slocate was not shipped with Red Hat Linux prior to version 6.0, so earlier versions are not affected.)

A problem existed in the slocate database parsing code. By using a carefully crafted database, a local user could overwrite some of slocate's internal structures, leading to a local group slocate compromise. The affect of this compromise is that users could read the entire slocate database, and therefore learn the locations of files that they normally would not have permissions to locate. Thanks to Michel Kaempf, zorgon@linuxstart.com, and Michal Zalewski for pointing out the vulnerability.

Solution(s)

  • redhat-upgrade-slocate

With Rapid7 live dashboards, I have a clear view of all the assets on my network, which ones can be exploited, and what I need to do in order to reduce the risk in my environment in real-time. No other tool gives us that kind of value and insight.

– Scott Cheney, Manager of Information Security, Sierra View Medical Center

;