Heap-based buffer overflow in main.c of slocate 2.6, and possibly other versions, may allow local users to gain privileges via a modified slocate database that causes a negative pathlen value to be used.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Slocate | Slocate | 2.1 (including) | 2.1 (including) |
Slocate | Slocate | 2.2 (including) | 2.2 (including) |
Slocate | Slocate | 2.3 (including) | 2.3 (including) |
Slocate | Slocate | 2.4 (including) | 2.4 (including) |
Slocate | Slocate | 2.5 (including) | 2.5 (including) |
Slocate | Slocate | 2.6 (including) | 2.6 (including) |