Oval Definition:
oval:org.mitre.oval:def:821
Revision Date
:
2007-04-25
Version
:
18
Title
:
slocate Privilege Escalation Vulnerability
Description
:
Heap-based buffer overflow in main.c of slocate 2.6, and possibly other versions, may allow local users to gain privileges via a modified slocate database that causes a negative "pathlen" value to be used.
Family
:
unix
Class
:
vulnerability
Status
:
ACCEPTED
Reference(s)
:
CVE-2003-0848
Platform(s)
:
Red Hat Linux 9
Product(s)
:
slocate
Definition Synopsis
Software section
Red Hat 9 is installed
AND
ix86 architecture
AND
slocate version is less than 2.7-2
AND
Configuration section
/usr/bin/slocate is setgid
/usr/bin/slocate is setgid
AND
/usr/bin/slocate is setgid
BACK