Secure Locate (slocate) in Red Hat Linux allows local users to gain privileges via a malformed configuration file that is specified in the LOCATE_PATH environmental variable.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| kevin_lindsay | secure_locate | 2.1 |
| kevin_lindsay | secure_locate | 2.0 |
Secure Locate (slocate) allows local users to corrupt memory via a malformed database file that specifies an offset value that accesses memory outside of the intended buffer.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| kevin_lindsay | secure_locate | 2.1 |
| kevin_lindsay | secure_locate | 2.0 |
| kevin_lindsay | secure_locate | 1.5 |
| kevin_lindsay | secure_locate | 1.4 |
| kevin_lindsay | secure_locate | 1.6 |
| kevin_lindsay | secure_locate | 2.2 |