CVE-2005-2499
slocate before 2.7 does not properly process very long paths, which allows local users to cause a denial of service (updatedb exit and incomplete slocate database) via a certain crafted directory structure.
| Software | From | Fixed in |
|---|---|---|
| slocate / slocate | 2.2 | 2.2.x |
| slocate / slocate | 2.1 | 2.1.x |
| slocate / slocate | 2.4 | 2.4.x |
| slocate / slocate | 2.6 | 2.6.x |
| slocate / slocate | 2.3 | 2.3.x |
| slocate / slocate | 2.5 | 2.5.x |
- http://securitytracker.com/id?1014751
- http://www.osvdb.org/19034
- http://www.redhat.com/support/errata/RHSA-2005-345.html
- http://www.redhat.com/support/errata/RHSA-2005-346.html
- http://www.redhat.com/support/errata/RHSA-2005-747.html
- http://www.securityfocus.com/bid/14640
- https://exchange.xforce.ibmcloud.com/vulnerabilities/22316
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9538
Deep Security Visibility Without the Complexity
SynScan provides clear, real-time security insights so you can monitor your attack surface, spot risks early, and act fast—without extra complexity.
- No setup fees
- 5-min deployment
- Cancel anytime