Total vulnerabilities in the database
Heap-based buffer overflow in main.c of slocate 2.6, and possibly other versions, may allow local users to gain privileges via a modified slocate database that causes a negative "pathlen" value to be used.
Software | From | Fixed in |
---|---|---|
slocate / slocate | 2.2 | 2.2.x |
slocate / slocate | 2.1 | 2.1.x |
slocate / slocate | 2.4 | 2.4.x |
slocate / slocate | 2.6 | 2.6.x |
slocate / slocate | 2.3 | 2.3.x |
slocate / slocate | 2.5 | 2.5.x |