Lucene search

UbuntuUSN-425-1

HistoryFeb 22, 2007 - 12:00 a.m.

slocate vulnerability

2007-02-2200:00:00

ubuntu.com

6.3 Medium

AI Score

Confidence

Low

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

0.005 Low

EPSS

Percentile

75.3%

JSON

Releases

Ubuntu 6.10
Ubuntu 6.06

Details

A flaw was discovered in the permission checking code of slocate. When
reporting matching files, locate would not correctly respect the parent
directory’s “read” bits. This could result in filenames being displayed
when the file owner had expected them to remain hidden from other system
users.

OSVersionArchitecturePackageVersionFilename
Ubuntu6.10noarchslocate< 3.1-1ubuntu0.1UNKNOWN
Ubuntu6.06noarchslocate< 3.0.beta.r3-1ubuntu0.1UNKNOWN

OS	Version	Architecture	Package	Version	Filename
Ubuntu	6.10	noarch	slocate	< 3.1-1ubuntu0.1	UNKNOWN
Ubuntu	6.06	noarch	slocate	< 3.0.beta.r3-1ubuntu0.1	UNKNOWN

References

ubuntu.com/security/CVE-2007-0227

6.3 Medium

AI Score

Confidence

Low

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

0.005 Low

EPSS

Percentile

75.3%

JSON

Related for USN-425-1