- Home
- CVEs with nessus.description==A vulnerability was discovered in slocate, a program to index and search for files, whereby a specially crafted database could overflow a heap-based buffer. This vulnerability could be exploited by a local attacker to gain the privileges of the 'slocate' group, which can access the global database containing a list of pathnames of all files on the system, including those which should only be visible to privileged users.
This problem, and a category of potential similar problems, have been fixed by modifying slocate to drop privileges before reading a user-supplied database.
Max CVSS | 0 |
Min CVSS | 0 |
Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published |
Back to Top
Mark selected
Back to Top