CVSS2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:L/Au:N/C:C/I:C/A:C
AI Score
Confidence
Low
EPSS
Percentile
0.4%
Buffer overflow in secure locate (slocate) before 2.7 allows local users to execute arbitrary code via a long (1) -c or (2) -r command line argument.
ftp://ftp.sco.com/pub/security/OpenLinux/CSSA-2003-009.0.txt
ftp://patches.sgi.com/support/free/security/advisories/20040202-01-U.asc
marc.info/?l=bugtraq&m=104342864418213&w=2
marc.info/?l=bugtraq&m=104348607205691&w=2
marc.info/?l=bugtraq&m=104428624705363&w=2
rhn.redhat.com/errata/RHSA-2004-041.html
secunia.com/advisories/10720
secunia.com/advisories/7947
secunia.com/advisories/7982
secunia.com/advisories/8007
secunia.com/advisories/8118/
secunia.com/advisories/8236
secunia.com/advisories/8749
www.debian.org/security/2003/dsa-252
www.mandriva.com/security/advisories?name=MDKSA-2003:015
www.net-security.org/advisory.php?id=2010
www.usg.org.uk/advisories/2003.001.txt
oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11369