SLocate User-Supplied数据库堆溢出漏洞

漏洞信息详情

SLocate User-Supplied数据库堆溢出漏洞

• CNNVD编号：CNNVD-200311-089
• 危害等级： 中危
  
  
• CVE编号：
  CVE-2003-0848
  
• 漏洞类型：
  
  
  缓冲区溢出
  
• 发布时间：
  
  2003-11-17
  
• 威胁类型：
  
  
  本地
  
• 更新时间：
  
  2005-10-20
  
• 厂        商：
  
  slocate
• 漏洞来源：
  Discovery credited…

slocate 2.6和可能其他版本的main.c存在基于堆的缓冲区溢出漏洞。本地用户借助修改后导致使用负\”pathlen\”值的slocate数据库提升特权。

It has been reported that this issue has been resolved in version 2.7 of the software.
SGI has released an advisory 20040202-01-U to address this and other issues in SGI ProPack 2.4. Please see the referenced advisory for more information. Fixes are available below.
Turbolinux have released an advisory (TLSA-2004-6) and fixes to address this issue. Affected users are advised to apply the appropriate updates as soon as possible. Further information regarding obtaining and applying these updates can be found in the referenced advisory. Fixes are linked below.
Debian have released an advisory (DSA 428-1) and fixes to address this issue. Affected users are advised to apply the appropriate updates as soon as possible. Further information regarding obtaining and applying these updates can be found in the referenced advisory.
Sun has released fixes for the Qube3 and RaQ4.
Sun have released a security update to address this issue in the RAQ XTR. Please see references section for further details. A fix is linked below.
Trustix has released advisory #2004-0005 with fixes to address this issue. See referenced advisory for additional details.
RedHat has released advisory RHSA-2004:040-01 and fixes to address this issue.
Mandrake has released advisory MDKSA-2004:004 and fixes to address this issue.
Fedora has released advisory FEDORA-2004-059 and fixes to address this issue.
Red Hat Enterprise Linux updates have been released. These updates can be applied via the Red Hat Network.
SGI has released an advisory 20040201-01-U with a patch to address this and other issues. Please see the referenced advisory for more information.
SCO has released advisory CSSA-2004-001.0 to address this issue.
Fedora Legacy Update Advisory FLSA:1232 has been released to resolve this issue in Red Hat Linux versions 7.2, 7.3, and 8.0.
Trustix has released an advisory (TSL-2004-0037) to address this issue. It is reported that this issue was not fixed properly and therefore new packages are available to address this problem. Please see the referenced advisory for more information.
Sun Cobalt Qube 3

• Sun Qube3-All-Security-4.0.1-16504.pkg
  
  http://ftp.cobalt.sun.com/pub/packages/qube3/ml/Qube3-All-Security-4.0
  .1-16504.pkg

Sun Cobalt RaQ 4

• Sun RaQ4-All-Security-2.0.1-16633.pkg
  
  http://ftp.cobalt.sun.com/pub/packages/raq4/eng/RaQ4-All-Security-2.0.
  1-16633.pkg

Sun Cobalt RaQ XTR

• Sun RaQXTR-All-Security-1.0.1-16633.pkg
  
  http://ftp.cobalt.sun.com/pub/packages/raqxtr/eng/RaQXTR-All-Security-
  1.0.1-16633.pkg

Turbolinux Turbolinux Desktop 10.0

• Turbolinux slocate-2.7-5.i586.rpm
  ftp://ftp.turbolinux.com/pub/TurboLinux/TurboLinux/ia32/Desktop/10/upd
  ates/RPMS/slocate-2.7-5.i586.rpm

SGI ProPack 2.3

• SGI patch10050.tar.gz
  ftp://patches.sgi.com/support/free/security/patches/ProPack/2.3/patch1
  0050.tar.gz

SGI ProPack 2.4

• SGI patch10044.tar.gz
  ftp://patches.sgi.com/support/free/security/patches/ProPack/2.4/patch1
  0044.tar.gz

slocate slocate 2.6

• Debian slocate_2.6-1.3.1_mipsel.deb
  
  http://security.debian.org/pool/updates/main/s/slocate/slocate_2.6-1.3
  .1_mipsel.deb
• Debian slocate_2.6-1.3.2_alpha.deb
  
  http://security.debian.org/pool/updates/main/s/slocate/slocate_2.6-1.3
  .2_alpha.deb
• Debian slocate_2.6-1.3.2_arm.deb
  
  http://security.debian.org/pool/updates/main/s/slocate/slocate_2.6-1.3
  .2_arm.deb
• Debian slocate_2.6-1.3.2_hppa.deb
  
  http://security.debian.org/pool/updates/main/s/slocate/slocate_2.6-1.3
  .2_hppa.deb
• Debian slocate_2.6-1.3.2_i386.deb
  
  http://security.debian.org/pool/updates/main/s/slocate/slocate_2.6-1.3
  .2_i386.deb
• Debian slocate_2.6-1.3.2_ia64.deb
  
  http://security.debian.org/pool/updates/main/s/slocate/slocate_2.6-1.3
  .2_ia64.deb
• Debian slocate_2.6-1.3.2_m68k.deb
  
  http://security.debian.org/pool/updates/main/s/slocate/slocate_2.6-1.3
  .2_m68k.deb
• Debian slocate_2.6-1.3.2_mips.deb
  
  http://security.debian.org/pool/updates/main/s/slocate/slocate_2.6-1.3
  .2_mips.deb
• Debian slocate_2.6-1.3.2_powerpc.deb
  
  http://security.debian.org/pool/updates/main/s/slocate/slocate_2.6-1.3
  .2_powerpc.deb
• Debian slocate_2.6-1.3.2_s390.deb
  
  http://security.debian.org/pool/updates/main/s/slocate/slocate_2.6-1.3
  .2_s390.deb
• Debian slocate_2.6-1.3.2_sparc.deb
  
  http://security.debian.org/pool/updates/main/s/slocate/slocate_2.6-1.3
  .2_sparc.deb
• Fedora slocate-2.7-1.7.2.legacy.i386.rpm
  
  http://download.fedoralegacy.org/redhat/7.2/updates/i386/slocate-2.7-1
  .7.2.legacy.i386.rpm
• Fedora slocate-2.7-1.7.3.legacy.i386.rpm
  
  http://download.fedoralegacy.org/redhat/7.3/updates/i386/slocate-2.7-1
  .7.3.legacy.i386.rpm
• Fedora slocate-2.7-1.8.0.legacy.i386.rpm
  
  http://download.fedoralegacy.org/redhat/8.0/updates/i386/slocate-2.7-1
  .8.0.legacy.i386.rpm
• Fedora slocate-2.7-4.i386.rpm
  
  http://download.fedora.redhat.com/pub/fedora/linux/core/updates/1/i386
  /slocate-2.7-4.i386.rpm
• Mandrake slocate-2.7-2.1.91mdk.i586.rpmMandrake Linux 9.1
  
  http://www.mandrakesecure.net/en/ftp.php
• Mandrake slocate-2.7-2.1.91mdk.ppc.rpmMandrake Linux 9.1/PPC
  
  http://www.mandrakesecure.net/en/ftp.php
• Mandrake slocate-2.7-2.1.92mdk.amd64.rpmMandrake Linux 9.2/AMD64
  

  参考网址

  来源: DEBIAN
  名称: DSA-428
  链接:http://www.debian.org/security/2004/dsa-428

  来源: TRUSTIX
  名称: 2004-0005
  链接:http://www.trustix.org/errata/misc/2004/TSL-2004-0005-slocate.asc.txt

  来源: REDHAT
  名称: RHSA-2004:041
  链接:http://www.redhat.com/support/errata/RHSA-2004-041.html

  来源: www.ebitech.sk
  链接:http://www.ebitech.sk/patrik/SA/SA-20031006.txt

  来源: www.ebitech.sk
  链接:http://www.ebitech.sk/patrik/SA/SA-20031006-A.txt

  来源: OVAL
  名称: oval:org.mitre.oval:def:11033
  链接:http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:11033

  来源: BUGTRAQ
  名称: 20031011 SA-20031006 slocate buffer overflow – exploitation proof
  链接:http://marc.theaimsgroup.com/?l=bugtraq&m=106589631819348&w=2

  来源: BUGTRAQ
  名称: 20031006 SA-20031006 slocate vulnerability
  链接:http://marc.theaimsgroup.com/?l=bugtraq&m=106546447321274&w=2

  来源: SGI
  名称: 20040201-01-U
  链接:ftp://patches.sgi.com/support/free/security/advisories/20040201-01-U.asc

  来源: SCO
  名称: CSSA-2004-001.0
  链接:ftp://ftp.sco.com/pub/updates/OpenLinux/3.1.1/Workstation/CSSA-2004-001.0/CSSA-2004-001.0.txt

  来源: FEDORA
  名称: FEDORA-2004-059
  链接:http://www.redhat.com/archives/fedora-announce-list/2004-January/msg00009.html

  来源: MANDRAKE
  名称: MDKSA-2004:004
  链接:http://www.mandriva.com/security/advisories?name=MDKSA-2004:004

  来源: SECUNIA
  名称: 9962
  链接:http://secunia.com/advisories/9962/

  来源: SECUNIA
  名称: 10722
  链接:http://secunia.com/advisories/10722

  来源: SECUNIA
  名称: 10720
  链接:http://secunia.com/advisories/10720

  来源: SECUNIA
  名称: 10702
  链接:http://secunia.com/advisories/10702

  来源: SECUNIA
  名称: 10698
  链接:http://secunia.com/advisories/10698

  来源: SECUNIA
  名称: 10686
  链接:http://secunia.com/advisories/10686

  来源: SECUNIA
  名称: 10683
  链接:http://secunia.com/advisories/10683

  来源: SECUNIA
  名称: 10670
  链接:http://secunia.com/advisories/10670

  来源: REDHAT
  名称: RHSA-2004:040
  链接:http://rhn.redhat.com/errata/RHSA-2004-040.html

  来源: SGI
  名称: 20040202-01-U
  链接:ftp://patches.sgi.com/support/free/security/advisories/20040202-01-U.asc

  来源: US Government Resource: oval:org.mitre.oval:def:821
  名称: oval:org.mitre.oval:def:821
  链接:http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:821