Slocate : Security vulnerabilities, CVEs Overflow

Copy

CVE-2003-0848

Heap-based buffer overflow in main.c of slocate 2.6, and possibly other versions, may allow local users to gain privileges via a modified slocate database that causes a negative "pathlen" value to be used.

Max CVSS

4.6

EPSS Score

0.04%

Published

2003-11-17

Updated

2017-10-11

CVE-2003-0326

Integer overflow in parse_decode_path() of slocate may allow attackers to execute arbitrary code via a LOCATE_PATH with a large number of ":" (colon) characters, whose count is used in a call to malloc.

Max CVSS

4.6

EPSS Score

0.04%

Published

2003-06-09

Updated

2016-10-18

CVE-2003-0056

Buffer overflow in secure locate (slocate) before 2.7 allows local users to execute arbitrary code via a long (1) -c or (2) -r command line argument.

Max CVSS

7.2

EPSS Score

0.04%

Published

2003-02-19

Updated

2017-10-11

3 vulnerabilities found

This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!