Secure Locate LOCATE_PATH认证漏洞

漏洞信息详情

Secure Locate LOCATE_PATH认证漏洞

• CNNVD编号：CNNVD-200006-080
• 危害等级： 中危
  
  
• CVE编号：
  CVE-2000-0602
  
• 漏洞类型：
  
  
  输入验证
  
• 发布时间：
  
  2000-06-21
  
• 威胁类型：
  
  
  本地
  
• 更新时间：
  
  2006-08-23
  
• 厂        商：
  
  kevin_lindsay
• 漏洞来源：
  Posted to Bugtraq …

Red Hat Linux中Secure Locate (slocate)存在漏洞。本地用户借助LOCATE_PATH环境变量中指定的畸形配置文件可以提升特权。

Netnation Communications Secure Locate 2.0

• Kevin Lindsay Secure Locate 2.2This upgrade was released by Kevin Linsday, the author of Secure Locate.
  ftp://ftp.mkintraweb.com/pub/linux/slocate/src/slocate-2.2.tar.gz

Netnation Communications Secure Locate 2.1

• Kevin Lindsay Secure Locate 2.2This upgrade was released by Kevin Linsday, the author of Secure Locate.
  ftp://ftp.mkintraweb.com/pub/linux/slocate/src/slocate-2.2.tar.gz

来源: BUGTRAQ
名称: 20000621 rh 6.2 – gid compromises, etc
链接:http://www.securityfocus.com/templates/archive.pike?list=1&msg=Pine.LNX.4.21.0006211209500.22969-100000@nimue.tpi.pl

来源: BID
名称: 1385
链接:http://www.securityfocus.com/bid/1385