Vulnerabilities > CVE-2001-0066 - Unspecified vulnerability in Kevin Lindsay Secure Locate
Attack vector
UNKNOWN Attack complexity
UNKNOWN Privileges required
UNKNOWN Confidentiality impact
UNKNOWN Integrity impact
UNKNOWN Availability impact
UNKNOWN Summary
Secure Locate (slocate) allows local users to corrupt memory via a malformed database file that specifies an offset value that accesses memory outside of the intended buffer.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 6 |
Exploit-Db
| description | dislocate - Local i386 exploit in v1.3. CVE-2001-0066. Local exploit for linux platform |
| id | EDB-ID:216 |
| last seen | 2016-01-31 |
| modified | 2000-12-02 |
| published | 2000-12-02 |
| reporter | Michel Kaempf |
| source | https://www.exploit-db.com/download/216/ |
| title | dislocate 1.3 - Local i386 Exploit |
Nessus
| NASL family | Mandriva Local Security Checks |
| NASL id | MANDRAKE_MDKSA-2000-085.NASL |
| description | Michael Kaempf reported a security problem in slocate (a secure version of locate, a tool to quickly locate files on a filesystem) on bugtraq which was originally discovered by zorgon. He discovered that there was a bug in the database reading code which made it overwrite an internal structure with some input. He then showed this could be exploited to trick slocate into executing arbitrary code by pointing it to a carefully crafted database. |
| last seen | 2020-06-01 |
| modified | 2020-06-02 |
| plugin id | 61871 |
| published | 2012-09-06 |
| reporter | This script is Copyright (C) 2012-2019 Tenable Network Security, Inc. |
| source | https://www.tenable.com/plugins/nessus/61871 |
| title | Mandrake Linux Security Advisory : slocate (MDKSA-2000:085) |
Redhat
| advisories |
|
References
- http://archives.neohapsis.com/archives/bugtraq/2000-11/0356.html
- http://archives.neohapsis.com/archives/bugtraq/2000-11/0356.html
- http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000369
- http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000369
- http://www.debian.org/security/2000/20001217a
- http://www.debian.org/security/2000/20001217a
- http://www.linux-mandrake.com/en/security/2000/MDKSA-2000-085.php3
- http://www.linux-mandrake.com/en/security/2000/MDKSA-2000-085.php3
- http://www.redhat.com/support/errata/RHSA-2000-128.html
- http://www.redhat.com/support/errata/RHSA-2000-128.html
- http://www.securityfocus.com/bid/2004
- http://www.securityfocus.com/bid/2004
- http://www.turbolinux.com/pipermail/tl-security-announce/2001-February/000144.html
- http://www.turbolinux.com/pipermail/tl-security-announce/2001-February/000144.html
- https://exchange.xforce.ibmcloud.com/vulnerabilities/5594
- https://exchange.xforce.ibmcloud.com/vulnerabilities/5594