Heap-based buffer overflow in main.c of slocate 2.6, and possibly other versions, may allow local users to gain privileges via a modified slocate database that causes a negative pathlen value to be used.
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Slocate | Slocate | 2.1 (including) | 2.1 (including) |
| Slocate | Slocate | 2.2 (including) | 2.2 (including) |
| Slocate | Slocate | 2.3 (including) | 2.3 (including) |
| Slocate | Slocate | 2.4 (including) | 2.4 (including) |
| Slocate | Slocate | 2.5 (including) | 2.5 (including) |
| Slocate | Slocate | 2.6 (including) | 2.6 (including) |
| Red Hat Enterprise Linux 3 | RedHat | slocate-0:2.7-3 | * |
| Red Hat Linux 9 | RedHat | * | |
| Slocate | Ubuntu | dapper | * |
| Slocate | Ubuntu | devel | * |
| Slocate | Ubuntu | edgy | * |
| Slocate | Ubuntu | feisty | * |