[MBT] new ticket for pkg slocate "Local privilege escalation"
bugs at pld-linux.org
bugs at pld-linux.org
Thu Feb 5 14:53:47 CET 2004
Date: 2004-02-05 14:53:46+01 Author: (kreutzm) <kreutzm at itp.uni-hannover.de>
Title: Local privilege escalation
Ticket ID: #831
Ticket URL: http://bugs.pld-linux.org/?bug=831
Package: slocate-1:2.7-1
Distribution: PLD-1.0.updates.security
Category: security problem
Current state: opened
Text:
See CAN-2003-0848:
Heap-based buffer overflow in main.c of slocate 2.6, and possibly other versions, may allow local users to gain privileges via a modified slocate database that causes a negative "pathlen" value to be used.
I see that the last changelog mentions "SLOCATE_PATH buffer overstep", but it is dated before e.g.
http://www.ebitech.sk/patrik/SA/SA-20031006.txt
cited in the CAN advisory, so I belive this to be a new issue.
More information about the pld-bugs
mailing list