CVE Vulnerabilities

CVE-2003-0848

Published: Nov 17, 2003 | Modified: Oct 11, 2017
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
4.6 MEDIUM
AV:L/AC:L/Au:N/C:P/I:P/A:P
RedHat/V2
RedHat/V3
Ubuntu

Heap-based buffer overflow in main.c of slocate 2.6, and possibly other versions, may allow local users to gain privileges via a modified slocate database that causes a negative pathlen value to be used.

Affected Software

Name Vendor Start Version End Version
Slocate Slocate 2.1 2.1
Slocate Slocate 2.2 2.2
Slocate Slocate 2.3 2.3
Slocate Slocate 2.4 2.4
Slocate Slocate 2.5 2.5
Slocate Slocate 2.6 2.6
Red Hat Enterprise Linux 3 RedHat slocate-0:2.7-3 *
Red Hat Linux 9 RedHat slocate *
Slocate Ubuntu dapper *
Slocate Ubuntu devel *
Slocate Ubuntu edgy *
Slocate Ubuntu feisty *

References