Lucene search

MitreCVELIST:CVE-2003-0848

HistoryOct 09, 2003 - 4:00 a.m.

CVE-2003-0848

2003-10-0904:00:00

mitre

www.cve.org

6.8 Medium

AI Score

Confidence

Low

0.0004 Low

EPSS

Percentile

0.4%

JSON

Heap-based buffer overflow in main.c of slocate 2.6, and possibly other versions, may allow local users to gain privileges via a modified slocate database that causes a negative “pathlen” value to be used.

References

ftp://ftp.sco.com/pub/updates/OpenLinux/3.1.1/Workstation/CSSA-2004-001.0/CSSA-2004-001.0.txt

ftp://patches.sgi.com/support/free/security/advisories/20040201-01-U.asc

ftp://patches.sgi.com/support/free/security/advisories/20040202-01-U.asc

marc.info/?l=bugtraq&m=106546447321274&w=2

marc.info/?l=bugtraq&m=106589631819348&w=2

rhn.redhat.com/errata/RHSA-2004-040.html

secunia.com/advisories/10670

secunia.com/advisories/10683

secunia.com/advisories/10686

secunia.com/advisories/10698

secunia.com/advisories/10702

secunia.com/advisories/10720

secunia.com/advisories/10722

secunia.com/advisories/9962/

www.debian.org/security/2004/dsa-428

www.ebitech.sk/patrik/SA/SA-20031006-A.txt

www.ebitech.sk/patrik/SA/SA-20031006.txt

www.mandriva.com/security/advisories?name=MDKSA-2004:004

www.redhat.com/archives/fedora-announce-list/2004-January/msg00009.html

www.redhat.com/support/errata/RHSA-2004-041.html

www.trustix.org/errata/misc/2004/TSL-2004-0005-slocate.asc.txt

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11033

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A821