|
Family: Debian Local Security Checks --> Category: infos
[DSA252] DSA-252-1 slocate Vulnerability Scan
Vulnerability Scan Summary DSA-252-1 slocate
Detailed Explanation for this Vulnerability Test
A problem has been discovered in slocate, a secure locate replacement.
A buffer overflow in the setgid program slocate can be used to execute
arbitrary code as group slocate. This can be used to alter the
slocate database.
For the stable distribution (woody) this problem has been
fixed in version 2.6-1.3.1.
The old stable distribution (potato) is not affected by this problem.
For the unstable distribution (sid) this problem has been fixed in
version 2.7-1.
We recommend that you upgrade your slocate package immediately.
Solution : http://www.debian.org/security/2003/dsa-252
Threat Level: High
Click HERE for more information and discussions on this network vulnerability scan.
|