Detections
Analytics

RHEL 2.1 / 3 : slocate (RHSA-2004:041)

high Nessus Plugin ID 12457

Synopsis

The remote Red Hat host is missing a security update.

Description

Updated slocate packages are now available that fix vulnerabilities allowing a local user to gain 'slocate' group privileges.

Slocate is a security-enhanced version of locate, designed to find files on a system via a central database.

Patrik Hornik discovered a vulnerability in Slocate versions up to and including 2.7 where a carefully crafted database could overflow a heap-based buffer. A local user could exploit this vulnerability to gain 'slocate' group privileges and then read the entire slocate database. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2003-0848 to this issue.

Users of Slocate should upgrade to these erratum packages, which contain Slocate version 2.7 with the addition of a patch from Kevin Lindsay that causes slocate to drop privileges before reading a user-supplied database.

For Red Hat Enterprise Linux 2.1 these packages also fix a buffer overflow that affected unpatched versions of Slocate prior to 2.7.
This vulnerability could also allow a local user to gain 'slocate' group privileges. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2003-0056 to this issue.

Solution

Update the affected slocate package.

See Also

https://access.redhat.com/security/cve/cve-2003-0056

https://access.redhat.com/security/cve/cve-2003-0848

https://access.redhat.com/errata/RHSA-2004:041

Plugin Details

Severity: High

ID: 12457

File Name: redhat-RHSA-2004-041.nasl

Version: 1.26

Type: local

Agent: unix

Published: 7/6/2004

Updated: 1/14/2021

Supported Sensors: Agentless Assessment, Continuous Assessment, Frictionless Assessment Agent, Frictionless Assessment AWS, Frictionless Assessment Azure, Nessus Agent, Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 6.7

CVSS v2

Risk Factor: High

Base Score: 7.2

Vector: CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C

Vulnerability Information

CPE: cpe:/o:redhat:enterprise_linux:2.1, p-cpe:/a:redhat:enterprise_linux:slocate, cpe:/o:redhat:enterprise_linux:3

Required KB Items: Host/local_checks_enabled, Host/RedHat/release, Host/RedHat/rpm-list, Host/cpu

Patch Publication Date: 1/26/2004

Vulnerability Publication Date: 2/19/2003

Reference Information

CVE: CVE-2003-0056, CVE-2003-0848

RHSA: 2004:041