CVE-2001-0066

secure_locate - Memory Corruption via Malformed Database File

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2001-0066. PoCs published by Michel Kaempf.

AI-analyzed exploit summary This exploit targets a local buffer overflow vulnerability in Secure Locate versions 1.3 to 2.3. It manipulates heap memory structures to achieve arbitrary code execution by overwriting function pointers with shellcode.

Description

Secure Locate (slocate) allows local users to corrupt memory via a malformed database file that specifies an offset value that accesses memory outside of the intended buffer.

Exploits (1)

exploitdb WORKING POC VERIFIED

by Michel Kaempf · clocallinux

https://www.exploit-db.com/exploits/216

View Code ZIP pw:eip

This exploit targets a local buffer overflow vulnerability in Secure Locate versions 1.3 to 2.3. It manipulates heap memory structures to achieve arbitrary code execution by overwriting function pointers with shellcode.

Classification

Working Poc 95%

Attack Type

Lpe

Complexity

Complex

Reliability

Reliable

Target: Secure Locate v1.3 to v2.3

No auth needed

Prerequisites: Local access to the target system · Presence of vulnerable Secure Locate binary · Ability to execute the exploit binary

MITRE ATT&CK